A significant security vulnerability in the TeamViewer Remote Management solution for Windows could allow attackers with local access to delete arbitrary files with SYSTEM privileges, potentially leading to privilege escalation. The vulnerability, identified as CVE-2025-36537, was announced on June 24, 2025, and carries a CVSS score of 7.0 (High). TeamViewer has released patches and strongly recommends users update to the latest versions immediately to mitigate this risk.
Source: https://cybersecuritynews.com/teamviewer-windows-vulnerability/
TPRM report: https://scoringcyber.rankiteo.com/company/teamviewer
"id": "tea901062525",
"linkid": "teamviewer",
"type": "Vulnerability",
"date": "6/2025",
"severity": "25",
"impact": "",
"explanation": "Attack without any consequences: Attack in which data is not compromised"{'affected_entities': [{'industry': 'Technology',
'name': 'TeamViewer',
'type': 'Software'}],
'attack_vector': 'Local access',
'date_publicly_disclosed': '2025-06-24',
'description': 'A significant security vulnerability in the TeamViewer Remote '
'Management solution for Windows that could allow attackers '
'with local access to delete arbitrary files with SYSTEM '
'privileges, potentially leading to privilege escalation.',
'impact': {'systems_affected': 'Windows systems with TeamViewer Remote '
'Management features enabled'},
'motivation': 'Privilege escalation',
'post_incident_analysis': {'corrective_actions': ['Patching the '
'vulnerability'],
'root_causes': 'Incorrect Permission Assignment '
'for Critical Resource (CWE-732)'},
'recommendations': ['Update to the latest version of TeamViewer immediately'],
'references': [{'source': 'Security Bulletin'}],
'response': {'remediation_measures': ['Update to TeamViewer version 15.67 or '
'later']},
'title': 'TeamViewer Remote Management Vulnerability (CVE-2025-36537)',
'type': 'Vulnerability',
'vulnerability_exploited': 'CVE-2025-36537'}