TV-2024-1004

Improper fingerprint validation in TeamViewer client prior Version 15.54

Bulletin ID
TV-2024-1004
Issue Date
28 May 2024
Last Update
28 May 2024
Priority
Moderate
CVSS
6.4 (medium)
Assigned CVE
CVE-2024-2451
Affected Products
TeamViewer Remote full client
TeamViewer Remote Host

1. Summary

A vulnerability has been discovered in TeamViewer Remote full and Host client prior Version 15.54, that allows executable sideloading from an administrative account.

2. Vulnerability Details

CVE-ID

Description

An improper fingerprint validation of an executable in TeamViewer Remote full & Host prior Version 15.54 for Windows and macOS allows an administrative user to utilize the startup process of the client to run executables with further elevated privileges (e.g. to SYSTEM on Windows).

An active exploit would need an administrative user to replace a file in the program folder of Windows or macOS.

CVSS3.0 Score

Base Score 6.4 (Medium)

CVSS3.1 Vector String

Problem type

3. Affected products & versions

Product Versions Info

Teamviewer Remote full client (WIN)

15.48 - 15.53

Teamviewer Remote Host (WIN)

15.48 - 15.53

Teamviewer Remote full client (macOS)

15.51 - 15.53

Teamviewer Remote Host (macOS)

15.51 - 15.53

4. Solutions and mitigations

Recommended: Update to the latest version (15.54 or higher).

5. Acknowledgments

We thank Maximilian Barz very much for his contribution and responsible disclosure.