TeamViewer Urges Users to Patch Privilege Escalation Flaws (CVE-2024-7479 and CVE-2024-7481)
In a recently disclosed security bulletin, TeamViewer has highlighted two critical vulnerabilities impacting its Remote Client and Remote Host products for Windows. CVE-2024-7479 and CVE-2024-7481—both rated with a CVSS score of 8.8—pose significant risks for users, particularly those operating older versions of the software.
Both vulnerabilities stem from improper verification of cryptographic signatures during the installation of specific drivers. Specifically, these flaws affect the installation of VPN drivers and printer drivers via the TeamViewer_service.exe component of TeamViewer Remote Clients.
- CVE-2024-7479: Involves the improper verification of the cryptographic signature during the installation of a VPN driver.
- CVE-2024-7481: Involves the improper verification of the cryptographic signature during the installation of a printer driver.
These vulnerabilities enable attackers with local unprivileged access to escalate their privileges and install malicious drivers on the affected system. Once a malicious driver is installed, attackers can execute code with elevated privileges, effectively gaining complete control over the machine.
To exploit these vulnerabilities, attackers must have local access to the Windows system. While remote exploitation is not possible, once an attacker has local access, the potential for damage is severe. By escalating privileges, the attacker can bypass system security controls, install unauthorized software, or tamper with critical system files.
This risk is especially concerning for corporate environments, where local access to workstations may be easier to obtain through physical means or social engineering techniques.
The vulnerabilities affect multiple versions of TeamViewer products for Windows. TeamViewer has released a patch, and users and administrators are strongly encouraged to upgrade to version 15.58.4 or later to mitigate the risk.
For those running older versions of TeamViewer, the software is available for download via this link.
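One way to check a Windows host against the fixed version named above, as an added example that is not from TeamViewer or the original article. It assumes TeamViewer registers itself under the standard Windows uninstall registry keys with a display name beginning "TeamViewer". It reports anything below 15.58.4, because that is the only fixed version the article names.

```powershell
# Added example: report TeamViewer installs below the fixed version from the article.
$FixedVersion = [version]'15.58.4'

function Get-TeamViewerInstall {
    # Standard Windows uninstall keys (64-bit and 32-bit registry views).
    # Assumption: the product's DisplayName starts with "TeamViewer".
    $paths = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $paths -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'TeamViewer*' } |
        Select-Object DisplayName, DisplayVersion, InstallLocation
}

function Test-TeamViewerPatched {
    param([Parameter(Mandatory)][string]$DisplayVersion)
    # Compare as [version], not as text: as strings "15.9.0" sorts after
    # "15.58.4", which would wrongly mark an old build as patched.
    $parsed = $null
    if (-not [version]::TryParse($DisplayVersion, [ref]$parsed)) { return $null }
    return ($parsed -ge $FixedVersion)
}

function Get-TeamViewerPatchStatus {
    Get-TeamViewerInstall | ForEach-Object {
        # TeamViewer_service.exe is the component the article names; its file
        # version is a cross-check in case the registry entry is stale.
        $svcVersion = $null
        if ($_.InstallLocation) {
            $svc = Join-Path $_.InstallLocation 'TeamViewer_service.exe'
            if (Test-Path $svc) { $svcVersion = (Get-Item $svc).VersionInfo.ProductVersion }
        }
        $patched = Test-TeamViewerPatched $_.DisplayVersion
        $status = if ($null -eq $patched) { 'Unknown version format' } elseif ($patched) { 'Patched' } else { 'Below 15.58.4: upgrade' }
        [pscustomobject]@{
            Computer       = $env:COMPUTERNAME
            Product        = $_.DisplayName
            Version        = $_.DisplayVersion
            ServiceVersion = $svcVersion
            Status         = $status
        }
    }
}

# Constructed sample versions to show the comparison, then the live check.
'15.9.0', '15.58.4', '15.58.3', 'n/a' | ForEach-Object {
    '{0,-8} patched: {1}' -f $_, (Test-TeamViewerPatched $_)
}
Get-TeamViewerPatchStatus | Format-Table -AutoSize
```

A host where the registry version and the service binary version disagree is worth a manual look, since a partial upgrade can leave the old service file in place.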