TeamViewer has released a security update addressing a critical vulnerability (CVE-2025-36537) that allows local unprivileged users to escalate privileges and delete files with SYSTEM access. The flaw affects certain versions of TeamViewer Remote Management for Windows, particularly those with Backup, Monitoring, and Patch Management features enabled. #CVE-2025-36537 #TeamViewerVulnerability
Keypoints
- The vulnerability stems from incorrect permission settings in TeamViewer Remote Management on Windows systems.
- Exploitation requires local access and involves exploiting MSI rollback during uninstall processes.
- Affected versions include various legacy and current builds of TeamViewer Remote Client and Host for Windows.
- Version 15.67 of TeamViewer has been released as a fix, and users are strongly urged to upgrade immediately.
- The flaw is rated high on the CVSS scale with potential for severe system compromise.
Read More: https://thecyberexpress.com/cve-2025-36537-teamviewer-remote-management/