CVE-2025-36537
TeamViewer patched vuln allowing hacker SYSTEM Rights

A significant security vulnerability has been revealed in TeamViewer Remote Management for Windows, posing a risk of privilege escalation attacks.

The CVE-2025-36537 vulnerability allows unprivileged local attackers to delete any files with SYSTEM-level authority, putting organizations using TeamViewer’s Remote Management at significant risk.

• Alert
• Vulnerabilities

SonicWall warns of a trojanized NetExtender stealing VPN logins

By F2 / Wednesday , June 25 2025

SonicWall warned on Monday that unknown attackers have trojanized its SSL-VPN NetExtender application, tricking users into downloading it from fake...

Read More

• Alert
• Cyber Attack
• Vulnerabilities

CVE-2025-36537
TeamViewer patched vuln allowing hacker SYSTEM Rights

By F2 / Wednesday , June 25 2025

A significant security vulnerability has been revealed in TeamViewer Remote Management for Windows, posing a risk of privilege escalation attacks....

Read More

• Alert
• Cyber Attack
• Vulnerabilities

Hacker Target 70+ Microsoft Exchange Servers to Steal Credentials with Keyloggers

By infosecbulletin / Wednesday , June 25 2025

Unidentified hackers are targeting exposed Microsoft Exchange servers to inject harmful code into login pages and steal credentials. Positive Technologies...

Read More

• Hot Topic

WhatsApp banned on all US House of Representatives devices

By F2 / Tuesday , June 24 2025

The U.S. House of Representatives has banned congressional staff from using WhatsApp on government devices due to security concerns, as...

Read More

• Alert

Kaspersky found “SparkKitty” Malware on Google Play, Apple App Store

By F2 / Tuesday , June 24 2025

Kaspersky found a new mobile malware dubbed SparkKitty in Google Play and Apple App Store apps, targeting Android and iOS....

Read More

• International

OWASP AI Testing Guide Launched to Uncover Vulns in AI Systems

By F2 / Tuesday , June 24 2025

OWASP has released its AI Testing Guide, a framework to help organizations find and fix vulnerabilities specific to AI systems....

Read More

• Bank
• National

Axentec Launches Bangladesh’s First Locally Hosted Tier-4 Cloud Platform

By F2 / Tuesday , June 24 2025

In a major milestone for the country’s digital infrastructure, Axentec PLC has officially launched Axentec Cloud, Bangladesh’s first Tier-4 cloud...

Read More

• Alert
• Cyber Attack

Hackers Bypass Gmail MFA With App-Specific Password Reuse

By infosecbulletin / Monday , June 23 2025

A hacking group reportedly linked to Russian government has been discovered using a new phishing method that bypasses two-factor authentication...

Read More

• Cyber Attack

Russia detects first SuperCard malware attacks via NFC

By infosecbulletin / Wednesday , June 18 2025

Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC)...

Read More

• Cyber Attack
• Data Breach

Income Property Investments exposes 170,000+ Individuals record

By infosecbulletin / Tuesday , June 17 2025

Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...

Read More

Vulnerability Overview:

The vulnerability, assigned a CVSS score of 7.0 (High), stems from an incorrect permission assignment for critical resources in the TeamViewer Client (both Full and Host versions).

By exploiting this mechanism, a low-privileged user with local access can delete files anywhere on the system as SYSTEM, potentially leading to further privilege escalation or system compromise.

TeamViewer has addressed the issue in version 15.67 and recommends all users with Remote Management features enabled update to the latest available version immediately.

Hacker Target 70+ Microsoft Exchange Servers to Steal Credentials with Keyloggers