VYPR

Vendor CVEs

Teamviewer

All CVEs

39 total · sorted by risk
  • CVE-2018-16550CriSep 5, 2018
    risk 0.64cvss 9.8epss 0.04

    TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN.

  • CVE-2024-7479HigSep 25, 2024
    risk 0.58cvss 8.8epss 0.00

    Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their…

  • CVE-2024-7481HigSep 25, 2024
    risk 0.57cvss 8.8epss 0.00

    Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their…

  • CVE-2018-14333HigJul 17, 2018
    risk 0.53cvss 8.1epss 0.03

    TeamViewer through 13.1.1548 stores a password in Unicode format within TeamViewer.exe process memory between "[00 88] and "[00 00 00]" delimiters, which might make it easier for attackers to obtain sensitive information by leveraging an unattended workstation on which…

  • CVE-2025-0065HigJan 28, 2025
    risk 0.51cvss 7.8epss 0.01

    Improper Neutralization of Argument Delimiters in the TeamViewer_service.exe component of TeamViewer Clients prior version 15.62 for Windows allows an attacker with local unprivileged access on a Windows system to elevate privileges via argument injection.

  • CVE-2026-23572HigFeb 5, 2026
    risk 0.47cvss 7.2epss 0.00

    Improper access control in the TeamViewer Full and Host clients (Windows, macOS, Linux) prior version 15.74.5 allows an authenticated user to bypass additional access controls with “Allow after confirmation” configuration in a remote…

  • CVE-2025-36537HigJun 24, 2025
    risk 0.46cvss 7.0epss 0.00

    Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of TeamViewer Remote and Tensor prior Version 15.67 on Windows allows a local unprivileged user to trigger arbitrary file deletion with SYSTEM privileges via leveraging the MSI…

  • CVE-2024-12363HigDec 11, 2024
    risk 0.46cvss 7.1epss 0.00

    Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset Management is part of TeamViewer Remote Management.

  • CVE-2024-1933HigMar 26, 2024
    risk 0.46cvss 7.1epss 0.00

    Insecure UNIX Symbolic Link (Symlink) Following in TeamViewer Remote Client prior Version 15.52 for macOS allows an attacker with unprivileged access, to potentially elevate privileges or conduct a denial-of-service-attack by overwriting the symlink.

  • CVE-2024-2451MedMay 28, 2024
    risk 0.42cvss 6.4epss 0.00

    Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.

  • CVE-2025-44002MedAug 26, 2025
    risk 0.40cvss 6.1epss 0.00

    Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link…

  • CVE-2026-8381MedMay 22, 2026
    risk 0.35cvss 5.4epss 0.00

    A broken access control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources…

  • CVE-2025-41421MedOct 1, 2025
    risk 0.31cvss 4.7epss 0.00

    Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows — in versions prior to 15.70 of TeamViewer Remote and Tensor — allows an attacker with local, unprivileged access to a device lacking adequate malware protection to escalate privileges by…

  • CVE-2019-18988KEVFeb 7, 2020
    risk 0.16cvss epss 0.05

    TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least…

  • CVE-2020-13699Jul 29, 2020
    risk 0.08cvss epss 0.26

    TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication…

  • CVE-2010-3128Aug 26, 2010
    risk 0.04cvss epss 0.08

    Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

  • CVE-2026-23570Jan 29, 2026
    risk 0.00cvss epss 0.01

    A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This…

  • CVE-2026-23569Jan 29, 2026
    risk 0.00cvss epss 0.00

    An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack…

  • CVE-2026-23568Jan 29, 2026
    risk 0.00cvss epss 0.00

    An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special…

  • CVE-2026-23567Jan 29, 2026
    risk 0.00cvss epss 0.00

    An integer underflow in the UDP command handler of the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a…

  • CVE-2026-23566Jan 29, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the…

  • CVE-2026-23565Jan 29, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause the NomadBranch.exe process to terminate via crafted requests. This can result in a…

  • CVE-2026-23564Jan 29, 2026
    risk 0.00cvss epss 0.00

    A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure…

  • CVE-2026-23563Jan 29, 2026
    risk 0.00cvss epss 0.00

    Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction) in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged local attacker to delete protected system files via a crafted RPC control…

  • CVE-2025-46266Dec 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to coerce the service into transmitting data to an arbitrary internal IP address, potentially leaking sensitive…

  • CVE-2025-44016Dec 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an…

  • CVE-2025-12687Dec 11, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to cause a denial of service (application crash) via a crafted command, resulting in service termination.

  • CVE-2024-6053Aug 28, 2024
    risk 0.00cvss epss 0.00

    Improper access control in the clipboard synchronization feature in TeamViewer Full Client prior version 15.57 and TeamViewer Meeting prior version 15.55.3 can lead to unintentional sharing of the clipboard with the current presenter of a meeting.

  • CVE-2024-0819Feb 27, 2024
    risk 0.00cvss epss 0.00

    Improper initialization of default settings in TeamViewer Remote Client prior version 15.51.5 for Windows, Linux and macOS, allow a low privileged user to elevate privileges by changing the personal password setting and establishing a remote connection to a logged-in admin…

  • CVE-2023-45160Oct 5, 2023
    risk 0.00cvss epss 0.01

    In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. The 1E Client's temporary…

  • CVE-2023-0837Jun 14, 2023
    risk 0.00cvss epss 0.00

    An improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unprivileged user to change basic local device settings even though the options were locked. This can result in unwanted changes to…

  • CVE-2022-23242Mar 23, 2022
    risk 0.00cvss epss 0.00

    TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated…

  • CVE-2021-35005Jan 24, 2022
    risk 0.00cvss epss 0.01

    This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists…

  • CVE-2021-34858Jan 13, 2022
    risk 0.00cvss epss 0.04

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the…

  • CVE-2021-34859Oct 25, 2021
    risk 0.00cvss epss 0.09

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of TeamViewer 15.16.8.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists…

  • CVE-2021-34803Jun 16, 2021
    risk 0.00cvss epss 0.00

    TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations.

  • CVE-2019-19362Dec 2, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it was later fixed.) Upon login, every communication is saved within Windows main memory. When a user logs out or deletes conversation history…

  • CVE-2019-18196Oct 24, 2019
    risk 0.00cvss epss 0.01

    A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 (fixed in 11.0.214397), 12.0.181268 (fixed in 12.0.214399), 13.2.36215 (fixed in 13.2.36216), and 14.6.4835 (fixed in 14.7.1965) on Windows could allow an attacker to perform code…

  • CVE-2019-11769Sep 11, 2019
    risk 0.00cvss epss 0.00

    An issue was discovered in TeamViewer 14.2.2558. Updating the product as a non-administrative user requires entering administrative credentials into the GUI. Subsequently, these credentials are processed in Teamviewer.exe, which allows any application running in the same…