Primary

Context

TeamViewer Full Client and Host Directory Validation Race Condition Vulnerability Allowing Arbitrary File Creation with SYSTEM Privileges

Vulnerability

Patched

A race condition vulnerability has been identified in the directory validation logic of the TeamViewer Full Client and Host for Windows, prior to version 15.69. This vulnerability allows a local non-administrative user to create arbitrary files with SYSTEM privileges, potentially causing a denial-of-service condition. The issue arises from symbolic link manipulation during the directory verification process.

Impact

Exploitation of this vulnerability can lead to arbitrary file creation with SYSTEM privileges, causing a local denial-of-service condition.

Remediation

Users are advised to update to TeamViewer version 15.69 or the latest available version.

Added: Aug 26, 2025, 11:17 AM

Updated: Aug 26, 2025, 1:51 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

2.9

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

2.9

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TeamViewer Full Client and Host Directory Validation Race Condition Vulnerability Allowing Arbitrary File Creation with SYSTEM Privileges

Vulnerability

Impact

Remediation

Affected Products

TeamViewer Remote Full Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating