Home

Description

Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during directory verification.

PUBLISHED Reserved 2025-04-30 | Published 2025-08-26 | Updated 2025-08-26 | Assigner TV




MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Problem types

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

Product status

Default status
unaffected

11.0.0 before 15.69
affected

Default status
unaffected

11.0.0 before 15.69
affected

Credits

Trend Micro Zero Day Initiative reporter

References

www.teamviewer.com/...enter/security-bulletins/tv-2025-1003/

cve.org (CVE-2025-44002)

nvd.nist.gov (CVE-2025-44002)

Download JSON