TV-2024-1002

Improper symlink resolution in TeamViewer Remote client for macOS

Bulletin ID
TV-2024-1002
Issue Date
26 mar 2024
Last Update
26 mar 2024
Priority
Moderate
CVSS
7.1 (high)
Assigned CVE
CVE-2024-1933
Affected Products
TeamViewer Remote client

1. Summary

A symlink vulnerability has been found in TeamViewer client for macOS prior version 15.52. The vulnerability has been fixed with version 15.52.

2. Vulnerability Details

CVE-ID

Description

It was discovered that the Teamviewer client prior Version 15.52 for macOS is vulnerable to a symlink attack. An attacker with unprivileged access to the system could potentially elevate privileges or conduct a denial-service-attack. The vulnerability has been fixed with version 15.52. We strongly recommend users to update their TeamViewer macOS clients immediately.

CVSS3.0 Score

Base Score 7.1 (High)

CVSS3.1 Vector String

Problem type

3. Affected products & versions

Product Versions Info

Teamviewer Remote client

< 15.52

4. Solutions and mitigations

Update to the latest version of TeamViewer client for macOS (15.52 or higher).