CyberSecurity news
@securityonline.info
//
TeamViewer has released patches to address a high-severity privilege escalation vulnerability affecting its Windows client and host applications. The vulnerability, identified as CVE-2025-0065, has a CVSS score of 7.8, indicating a significant risk. The flaw stems from improper handling of argument delimiters in the "TeamViewer_service.exe" component. This could allow a local, unprivileged attacker to inject malicious arguments, thereby gaining elevated privileges on the compromised system potentially granting full control. The vulnerability affects TeamViewer clients for Windows prior to version 15.62.
While there is no evidence that this vulnerability is being exploited in the wild, TeamViewer is strongly urging all Windows users to update to the latest available versions of the client, specifically version 15.62 or later, to mitigate any potential risk. The vulnerability was discovered by an anonymous researcher working with Trend Micro Zero Day Initiative. TeamViewer has released updated packages for TeamViewer Remote and TeamViewer Tensor including versions 11.0.259318, 12.0.259319, 13.2.36226, 14.7.48799 and 15.62 for both full client and host versions, available for download on their website.
ImgSrc: securityonline.
References :
- securityaffairs.com: TeamViewer fixed a vulnerability in Windows client and host applications
- securityonline.info: CVE-2025-0065: TeamViewer Patches Privilege Escalation Vulnerability in Windows Clients
- securityonline.info: CVE-2025-0065: TeamViewer Patches Privilege Escalation Vulnerability in Windows Clients
- www.heise.de: Teamviewer: Rights expansion possible due to security vulnerability Teamviewer warns of a vulnerability in the Windows versions of the remote maintenance software that allows attackers to escalate rights.
- heise online English: Teamviewer: Rights expansion possible due to security vulnerability
Classification:
- HashTags: #TeamViewer #PrivilegeEscalation #SecurityPatch
- Company: TeamViewer
- Target: Windows Systems
- Product: TeamViewer
- Feature: Privilege Escalation
- Malware: CVE-2025-0065
- Type: Vulnerability
- Severity: High