VYPR
Vendor

Teamviewer

Products
2
CVEs
39
Across products
39
Status
Private

Products

2

Recent CVEs

39
View all 39 CVEs →
  • CVE-2018-16550CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.04

    TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN.

  • CVE-2024-7479HigSep 25, 2024
    risk 0.58cvss 8.8epss 0.00

    Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their…

  • CVE-2024-7481HigSep 25, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their…

  • CVE-2018-14333HigJul 17, 2018
    risk 0.53cvss 8.1epss 0.03

    TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which…

  • CVE-2025-0065HigJan 28, 2025
    risk 0.51cvss 7.8epss 0.01

    Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.

  • CVE-2026-23572HigFeb 5, 2026
    risk 0.47cvss 7.2epss 0.00

    Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior version 15.74.5 allows an authenticated user to bypass additional access controls with “Allow after confirmation” configuration in a remote…

  • CVE-2025-36537HigJun 24, 2025
    risk 0.46cvss 7.0epss 0.00

    Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI…

  • CVE-2024-12363HigDec 11, 2024
    risk 0.46cvss 7.1epss 0.00

    Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset Management is part of TeamViewer Remote Management.

  • CVE-2024-1933HigMar 26, 2024
    risk 0.46cvss 7.1epss 0.00

    Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52 for macOS allows an attacker with unprivileged access, to potentially elevate privileges or conduct a denial-of-service-attack by overwriting the symlink.

  • CVE-2024-2451MedMay 28, 2024
    risk 0.42cvss 6.4epss 0.00

    Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.

  • CVE-2025-44002MedAug 26, 2025
    risk 0.40cvss 6.1epss 0.00

    Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link…

  • CVE-2026-8381MedMay 22, 2026
    risk 0.35cvss 5.4epss 0.00

    A broken access control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources…

  • CVE-2025-41421MedOct 1, 2025
    risk 0.31cvss 4.7epss 0.00

    Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in versions prior to 15.70 of TeamViewer Remote and Tensor — allows an attacker with local, unprivileged access to a device lacking adequate malware protection to escalate privileges by…

  • CVE-2019-18988KEVFeb 7, 2020
    risk 0.16cvss epss 0.05

    TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least…

  • CVE-2020-13699Jul 29, 2020
    risk 0.08cvss epss 0.26

    TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication…

  • CVE-2010-3128Aug 26, 2010
    risk 0.04cvss epss 0.08

    Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

  • CVE-2026-23570Jan 29, 2026
    risk 0.00cvss epss 0.01

    A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This…

  • CVE-2026-23569Jan 29, 2026
    risk 0.00cvss epss 0.00

    An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack…

  • CVE-2026-23568Jan 29, 2026
    risk 0.00cvss epss 0.00

    An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special…

  • CVE-2026-23567Jan 29, 2026
    risk 0.00cvss epss 0.00

    An integer underflow in the UDP command handler of the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a…