Home

Description

Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during directory verification.

PUBLISHED Reserved 2025-04-30 | Published 2025-08-26 | Updated 2025-08-26 | Assigner TV




MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Problem types

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

Product status

Default status
unaffected

11.0.0 (custom) before 15.69
affected

Default status
unaffected

11.0.0 (custom) before 15.69
affected

Credits

Trend Micro Zero Day Initiative reporter

References

www.teamviewer.com/...enter/security-bulletins/tv-2025-1003/

cve.org (CVE-2025-44002)

nvd.nist.gov (CVE-2025-44002)

Download JSON