CVE-2025-36537
Incorrect Permission Assignment for Critical Resource in TeamViewer Remote Management
Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The vulnerability only applies to the Remote Management features: Backup, Monitoring, and Patch Management.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
TeamViewer · Full ClientTeamViewer · Full Client (Win7/8)TeamViewer · HostTeamViewer · Host (Win7/8)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →