Incomplete protection of personal password settings

Bulletin ID
Date Published
Last Update
CVSS 3.0
7.3 (high)
Assigned CVE
Affected Products
TeamViewer Remote Full Client
TeamViewer Remote Host

1. Summary

A vulnerability has been found in TeamViewer Client prior version 15.51.5 that could allow an unprivileged user on a multi-user system to set a personal password. The issue has been fixed with Version 15.51.5.

2. Vulnerability Details



In the Teamviewer Client prior Version 15.51.5, access to the personal password setting doesn’t require administrative rights. A low privileged user on a multi-user system, with access to the client, can set a personal password. That potentially allows an unprivileged user to establish a remote connection to other currently logged-in users on the same system.


TeamViewer clients with activated setting “changes require administrative right on this computer” or additional security features active and properly configured are not affected, e.g.


  • Options
  • Password
  • Conditional Access
  • BYOC
  • Block & Allow List
  • Access control
  • TFA for connections
  • One-time-password


TeamViewer recommends using Easy Access for unattended access, combined with the Two-Factor-Authentication, this protection covers accessing the TeamViewer account and any machine you support via TeamViewer.


If you still consider to use a personal password please make sure to follow the guidelines and use a strong password.

CVSS3.0 Score

Base Score 7.3 (High)

CVSS3.1 Vector String

Problem type

3. Affected products & versions

Product Versions Info

Teamviewer Remote Full Client

< 15.51.5

Teamviewer Remote Host

< 15.51.5

4. Solutions and mitigations

Recommended: Update to the latest version (15.51.5 or higher)

or set “changes require administrative rights on this computer” in the advanced settings of the client

or set an “options password” in the advanced settings of the client

or consider one the above-mentioned security features.

5. Additional Resources

6. Acknowledgments

We thank Aaron Schlitt, Lukas Radermacher and Nils Hanff very much for their contribution and responsible disclosure.