CVE-2024-2451

Published: May 28, 2024Modified: Nov 21, 2024

6.4

Vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.5 / Impact: 5.9

Source: psirt@teamviewer.com (Secondary)

Description

Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via executable sideloading.

Related CWEs

CWE-347

Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (2)

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/

Source: psirt@teamviewer.com

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1004/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.