There are high risk security vulnerabilities in the TeamViewer remote maintenance software that allow attackers to expand their rights in the system. The manufacturer now released updated software versions this week that plugs these security holes.

TeamViewer discusses the vulnerabilities in the according security bulletin. In the Teamviewer remote clients, attackers can abuse inadequate cryptographic checking of driver installations to expand their rights and install drivers (CVE-2024-7479, CVE-2024-7481; both CVSS 8.8, risk high).

TeamViewer Remote Full Client and TeamViewer Remote Host affected

The security vulnerabilities affect the TeamViewer_service.exe component in both TeamViewer Remote Host and TeamViewer Remote Full Client, each for Windows. Version 15.58.4 or newer, available since Tuesday this week, fix these security vulnerabilities.

The TeamViewer Remote Full Client and TeamViewer Remote Host for Windows in versions prior to 15.58.4, 14.7.48796, 13.2.36225, 12.0.259312 and 11.0.259311 are affected. The bug-fixed software versions are also available for download on the TeamViewer download page. Anyone who uses TeamViewer should update as soon as possible.

TeamViewer does not mention any temporary countermeasures. It also remains unclear whether it is already being abused in the wild. However, it was reported by Trend Micro's Zero-Day Initiative as part of a responsible disclosure. TeamViewer does not discuss how to recognize a successful attack.