Primary

Context

TeamViewer Full and Host Clients Improper Access Control Vulnerability

Vulnerability

Patched

A vulnerability allowing authenticated users to bypass access controls in TeamViewer Full and Host clients on Windows, macOS, and Linux, prior to version 15.74.5, has been identified. This issue arises from improper access control, which allows users to exploit the 'Allow after confirmation' setting in remote sessions, potentially leading to unauthorized access before local confirmation. To exploit this vulnerability, users must be authenticated for the remote session via ID/password, Session Link, or Easy Access.

Impact

Exploitation of this vulnerability could result in unauthorized access during remote sessions, bypassing local confirmation requirements.

Remediation

Users are advised to update to TeamViewer version 15.74.5 or the latest available version. If an immediate update is not possible, the 'Control this computer – Allow after Confirmation' access control setting can be applied as a temporary mitigation.

Added: Feb 5, 2026, 12:18 PM

Updated: Feb 5, 2026, 3:08 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

7.5

exploitability

3.3

remediation

8.3

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

7.5

exploitability

3.3

remediation

8.3

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TeamViewer Full and Host Clients Improper Access Control Vulnerability

Vulnerability

Impact

Remediation

Affected Products

TeamViewer Full Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating