TV-2024-1002

Improper symlink resolution in TeamViewer Remote client for macOS

公告栏 ID
TV-2024-1002
Issue Date
2024年3月26日
最后更新时间
2024年3月26日
优先级
CVSS
7.1 (high)
受影响的产品
CVE-2024-1933
受影响的产品
TeamViewer Remote client

1. Summary

A symlink vulnerability has been found in TeamViewer client for macOS prior version 15.52. The vulnerability has been fixed with version 15.52.

2. Vulnerability Details

CVE-ID

Description

It was discovered that the Teamviewer client prior Version 15.52 for macOS is vulnerable to a symlink attack. An attacker with unprivileged access to the system could potentially elevate privileges or conduct a denial-service-attack. The vulnerability has been fixed with version 15.52. We strongly recommend users to update their TeamViewer macOS clients immediately.

CVSS3.0 Score

Base Score 7.1 (High)

CVSS3.1 Vector String

Problem type

3. Affected products & versions

Product Versions Info

Teamviewer Remote client

< 15.52

4. Solutions and mitigations

Update to the latest version of TeamViewer client for macOS (15.52 or higher).