TeamViewer 15.70: Symb. Link Escalation via Update Path Spoofing
CVE-2025-41421 Published on October 1, 2025
Privilege Escalation via Symbolic Link Spoofing in TeamViewer Client
Improper handling of symbolic links in the TeamViewer Full Client and Host for Windows in versions prior to 15.70 of TeamViewer Remote and Tensor allows an attacker with local, unprivileged access to a device lacking adequate malware protection to escalate privileges by spoofing the update file path. This may result in unauthorized access to sensitive information.
Vulnerability Analysis
CVE-2025-41421 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an insecure temporary file Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2025-41421 has been classified to as an insecure temporary file vulnerability or weakness.
Products Associated with CVE-2025-41421
stack.watch emails you whenever new vulnerabilities are published in TeamViewer Host or TeamViewer Full Client. Just hit a watch button to start following.
Affected Versions
TeamViewer Full Client:- Version 11.0.0 and below 15.70 is affected.
- Version 11.0.0 and below 15.70 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.