CVE-2024-7479

EUVD-2024-48397
Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
teamviewerfull_client
15.0.0 ≤
𝑥
< 15.58.4
ADP
teamviewerfull_client
14.0.0 ≤
𝑥
< 14.7.48796
ADP
teamviewerfull_client
13.0.0 ≤
𝑥
< 13.2.36225
ADP
teamviewerfull_client
12.0.0 ≤
𝑥
< 12.0.259312
ADP
teamviewerfull_client
11.0.0 ≤
𝑥
< 11.0.259311
ADP
teamviewerhost
15.0.0 ≤
𝑥
< 15.58.4
ADP
teamviewerhost
14.0.0 ≤
𝑥
< 14.7.48796
ADP
teamviewerhost
13.0.0 ≤
𝑥
< 13.2.36225
ADP
teamviewerhost
12.0.0 ≤
𝑥
< 12.0.259312
ADP
teamviewerhost
11.0.0 ≤
𝑥
< 11.0.259311
ADP
Common Weakness Enumeration
References
https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/