TeamViewer warns of serious security vulnerabilities

TeamViewer has released a security alert for its TeamViewer Remote Client software for Windows. In it, the company describes two vulnerabilities in TeamViewer Remote and TeamViewer Tensor. They can allow an attacker to gain privileges higher than those of the local user.

The vulnerability is based on incorrect checking of cryptographic signatures by TeamViewer_service.exe. Versions 11, 12, 13, 14 and 15 of the remote maintenance software are affected.

TeamViewer indicates that an attacker needs local access to a Windows system. The vulnerability was discovered by security researcher Peter Gabaldon, who reported it via Trend Micro’s Zero Day Initiative.

An update to TeamViewer Full Client 15.58.4 or TeamViewer Host 15.58.4 is already available to users. In addition, the company offers updates for the older versions of both applications that are still supported. TeamViewer provides a complete list in its security warning.