Primary

Context

TeamViewer Remote Management Incorrect Permission Assignment Vulnerability Allowing Arbitrary File Deletion with SYSTEM Privileges

Vulnerability

Patched

A vulnerability exists in TeamViewer Remote Management features (Backup, Monitoring, and Patch Management) on Windows, prior to version 15.67. It allows local unprivileged users to delete files using SYSTEM privileges by exploiting the MSI rollback mechanism. This incorrect permission assignment could lead to unauthorized file removal with elevated rights.

Impact

Exploitation of this vulnerability could result in unauthorized file deletion with SYSTEM privileges, potentially allowing for a general escalation of privileges on the affected system.

Remediation

Users are advised to update TeamViewer to version 15.67 or the latest available version.

Added: Jun 24, 2025, 3:18 PM

Updated: Jun 24, 2025, 4:40 PM

Vulnerability Rating

Custom Algorithm

spread

10.0

impact

2.5

exploitability

3.6

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

10.0

impact

2.5

exploitability

3.6

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TeamViewer Remote Management Incorrect Permission Assignment Vulnerability Allowing Arbitrary File Deletion with SYSTEM Privileges

Vulnerability

Impact

Remediation

Affected Products

TeamViewer Remote Management

TeamViewer Remote Full Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating