CVE-2024-7479

HIGH

TeamViewer <15.58.4 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2024-7479. PoCs published by PeterGabaldon, fortra.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2024-7479, targeting TeamViewer's IPC service. The code demonstrates a network-based attack by connecting to the TeamViewer service on port 5939 and sending a crafted authentication challenge.

Description

Improper verification of cryptographic signature during installation of a VPN driver via the TeamViewer_service.exe component of TeamViewer Remote Clients prior version 15.58.4 for Windows allows an attacker with local unprivileged access on a Windows system to elevate their privileges and install drivers.

Exploits (2)

nomisec WORKING POC 136 stars

by PeterGabaldon · poc

https://github.com/PeterGabaldon/CVE-2024-7479_CVE-2024-7481

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2024-7479, targeting TeamViewer's IPC service. The code demonstrates a network-based attack by connecting to the TeamViewer service on port 5939 and sending a crafted authentication challenge.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: TeamViewer (version not specified)

No auth needed

Prerequisites: Network access to the target system · TeamViewer service running and listening on port 5939

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 8 stars

by fortra · poc

https://github.com/fortra/CVE-2024-7479

View Code ZIP pw:eip

This PoC exploits CVE-2024-7479 by crafting malicious IPC packets to interact with a vulnerable service, likely targeting authentication bypass or remote code execution. The code includes packet structuring and challenge-response mechanisms typical of low-level protocol manipulation.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Fortra (specific version unclear)

No auth needed

Prerequisites: Network access to vulnerable service · Python environment with required dependencies

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1559 - Inter-Process Communication

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Various Sources

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2024-1006/

Scores

CVSS v3 8.8

EPSS 0.0041

EPSS Percentile 32.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-347

Status published

Products (10)

TeamViewer/Remote Full Client 11.0.0 - 11.0.259311

TeamViewer/Remote Full Client 12.0.0 - 12.0.259312

TeamViewer/Remote Full Client 13.0.0 - 13.2.36225

TeamViewer/Remote Full Client 14.0.0 - 14.7.48796

TeamViewer/Remote Full Client 15.0.0 - 15.58.4

TeamViewer/Remote Host 11.0.0 - 11.0.259311

TeamViewer/Remote Host 12.0.0 - 12.0.259312

TeamViewer/Remote Host 13.0.0 - 13.2.36225

TeamViewer/Remote Host 14.0.0 - 14.7.48796

TeamViewer/Remote Host 15.0.0 - 15.58.4

Published Sep 25, 2024

Tracked Since Feb 18, 2026