CVE-2024-7481

Summary

Improper verification of cryptographic signature during installation of a Printer driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.

Affected Software

VendorProductVersion RangeStatus
TeamViewerRemote Full Client15.0.0 < 15.58.4affected
TeamViewerRemote Full Client14.0.0 < 14.7.48796affected
TeamViewerRemote Full Client13.0.0 < 13.2.36225affected
TeamViewerRemote Full Client12.0.0 < 12.0.259312affected
TeamViewerRemote Full Client11.0.0 < 11.0.259311affected
TeamViewerRemote Host15.0.0 < 15.58.4affected
TeamViewerRemote Host14.0.0 < 14.7.48796affected
TeamViewerRemote Host13.0.0 < 13.2.36225affected
TeamViewerRemote Host12.0.0 < 12.0.259312affected
TeamViewerRemote Host11.0.0 < 11.0.259311affected

Weaknesses

  • CWE-347: CWE-347 Improper Verification of Cryptographic Signature

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References