{"id":37029,"date":"2025-02-01T00:11:50","date_gmt":"2025-01-31T23:11:50","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=37029"},"modified":"2025-02-01T00:11:50","modified_gmt":"2025-01-31T23:11:50","slug":"teamviewer-client-vulnerability-cve-2025-0065","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2025\/02\/01\/teamviewer-client-vulnerability-cve-2025-0065\/","title":{"rendered":"TeamViewer client: Vulnerability CVE-2025-0065"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2025\/01\/31\/teamviewer-client-schwachstelle-cve-2025-0065-dringend-patchen\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]A security vulnerability classified as high has become known in the TeamViewer client. In a security advisory dated January 28, 2025, the manufacturer warns of the vulnerability CVE-2025-0065 in its client and recommends updating to version 15.62.<\/p>\n<p><!--more--><\/p>\n<p>A blog reader pointed out the issue to me via a private Facebook message (thanks for that), which I have also come across elsewhere. TeamViewer Support published the security warning <a href=\"https:\/\/www.teamviewer.com\/de\/resources\/trust-center\/security-bulletins\/tv-2025-1001\/\" target=\"_blank\" rel=\"noopener\">Improper Neutralization of Argument Delimiters in TeamViewer Clients<\/a> on January 28, 2025.<\/p>\n<p>The vulnerability <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-0065\" target=\"_blank\" rel=\"noopener\">CVE-2025-0065<\/a> was discovered in the TeamViewer clients for Windows, which allows local privilege escalation on a Windows system. The vulnerability is classified as High with a CVSS index of 7.8.<\/p>\n<p>The cause is an improper neutralization of arguments in the <em>TeamViewer_service.exe<\/em> component of TeamViewer Full Client &amp; Host prior to version 15.62 (and other versions listed in the security warning). This allows an attacker with local, unprivileged access to a Windows system to elevate their privileges through argument injection.<\/p>\n<p>To exploit this vulnerability, an attacker needs local access to the Windows system. The TeamViewer developers have no evidence that this vulnerability has been or is being exploited in the wild.<\/p>\n<p>The vulnerability has been fixed with version 15.62 and the additional versions listed in the security warning. It is recommended to update to the latest available version. Here is the list of updated clients:<\/p>\n<ul>\n<li>TeamViewer Full Client (Windows) &lt; 14.7.48799<\/li>\n<li>TeamViewer Full Client (Windows) &lt; 13.2.36226<\/li>\n<li>TeamViewer Full Client (Windows) &lt; 12.0.259319<\/li>\n<li>TeamViewer Full Client (Windows) &lt; 11.0.259318<\/li>\n<li>TeamViewer Host (Windows) &lt; 15.62<\/li>\n<li>TeamViewer Host (Windows) &lt; 14.7.48799<\/li>\n<li>TeamViewer Host (Windows) &lt; 13.2.36226<\/li>\n<li>TeamViewer Host (Windows) &lt; 12.0.259319<\/li>\n<li>TeamViewer Host (Windows) &lt; 11.0.259318<\/li>\n<\/ul>\n<p>The clients can be<a href=\"https:\/\/www.teamviewer.com\/de\/download\/windows\/\" target=\"_blank\" rel=\"noopener\"> downloaded<\/a> from the TeamViewer pages.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]A security vulnerability classified as high has become known in the TeamViewer client. In a security advisory dated January 28, 2025, the manufacturer warns of the vulnerability CVE-2025-0065 in its client and recommends updating to version 15.62.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547],"tags":[69,1179],"class_list":["post-37029","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-security","tag-teamviewer"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37029","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=37029"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37029\/revisions"}],"predecessor-version":[{"id":37030,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/37029\/revisions\/37030"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=37029"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=37029"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=37029"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}