Security Bulletins

TV-2024-1002

Improper symlink resolution in TeamViewer Remote client for macOS

Bulletin ID
TV-2024-1002
Issue Date
Mar 26, 2024
Last Update
Mar 26, 2024
Priority
Moderate
CVSS
7.1 (high)
Assigned CVE
CVE-2024-1933
Affected Products
TeamViewer Remote client

1. Summary

A symlink vulnerability has been found in TeamViewer client for macOS prior version 15.52. The vulnerability has been fixed with version 15.52.

2. Vulnerability Details

CVE-ID

Description

It was discovered that the Teamviewer client prior Version 15.52 for macOS is vulnerable to a symlink attack. An attacker with unprivileged access to the system could potentially elevate privileges or conduct a denial-service-attack. The vulnerability has been fixed with version 15.52. We strongly recommend users to update their TeamViewer macOS clients immediately.

CVSS3.0 Score

Base Score 7.1 (High)

CVSS3.1 Vector String

Problem type

3. Affected products & versions

Product Versions Info

Teamviewer Remote client

< 15.52

4. Solutions and mitigations

Update to the latest version of TeamViewer client for macOS (15.52 or higher).

Do you want to report a security issue?

TeamViewer’s security team will investigate every submission in our Vulnerability Disclosure Program.