High severity7.0NVD Advisory· Published Jun 24, 2025· Updated Apr 15, 2026
CVE-2025-36537
CVE-2025-36537
Description
Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI rollback mechanism. The vulnerability only applies to the Remote Management features: Backup, Monitoring, and Patch Management.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <15.67
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.