TV-2026-1006

Vulnerability in TeamViewer out-of-session chat

速報 ID
TV-2026-1006
Issue Date
2026/06/29
最終更新日
2026/06/29
優先度
Informative
影響のある製品
TeamViewer Remote
TeamViewer Tensor
TeamViewer ONE

1. Summary

TeamViewer identified a security vulnerability affecting the out-of-session chat functionality in TeamViewer clients. To mitigate the risk, a server-side measure was implemented that disables out-of-session chat for affected clients, ensuring the vulnerability can no longer be exploited. Users who require out-of-session chat must update to the current client version, while no further mitigation actions are required.

2. Vulnerability details

Description

TeamViewer has identified a vulnerability affecting the out-of-session chat functionality in the TeamViewer Full Client versions 15.78 through 15.79.3 for Windows and macOS.

 

To mitigate potential risks and ensure the security of our users, TeamViewer has implemented a server-side measure that disables out-of-session chat functionality for affected client versions.

 

As a result, the identified vulnerability is not exploitable anymore, and no further action is required to mitigate the issue. To continue using the chat, users must update to the latest version of the client (listed below).

 

This vulnerability was responsibly reported to us by a researcher participating in our bug bounty program. We are not aware of any other prior knowledge of this issue, nor do we have any indication that it has been exploited in the wild. 

3. Affected software and versions

Product
Versions
Info

TeamViewer Full Client (Windows)

from 15.78 before 15.79.4

TeamViewer Full Client (macOS)

from 15.78 before 15.79.4

4. Solutions and mitigations

  • No user action required for mitigation
  • To continue using the chat, you must update to the latest client version or chat via web.teamviewer.com.

5. Acknowledgements

We would like to thank Kenan Karalioglu (chef_shell) for the discovery and responsible disclosure.