TeamViewer Local Privilege Escalation Vulnerability
Csaba Fitzl (tweet):
This is a rather old vulnerability I found in TeamViewer back in 2020, and reported it through VCP/iDefense. TeamViewer fixed the vulnerability last November[…]
The TeamViewer macOS client used a PrivilegedHelperTool named com.teamviewer.Helper to perform specific tasks that require root permissions. Back in 2020 it used a deprecated model to perform IPC communication, called Distributed Objects. It was wide open, and any client could invoke the remote object’s functions, and some of those lead to direct privilege escalation.
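A defender's check that follows from the quoted description, added here as an example and not taken from the post or from TeamViewer: list installed privileged helpers and flag any whose binary still imports the Distributed Objects class NSConnection. The function names and the HELPER_DIR variable are hypothetical, and the match is a heuristic on imported symbol names, so a helper that resolves the class at run time would not be flagged.

```shell
#!/bin/sh
# Added example (not from the original post): heuristic audit of macOS
# privileged helpers for the deprecated Distributed Objects IPC model.
# It greps each binary for imported Objective-C class symbols.

# Standard install location for privileged helper tools on macOS.
HELPER_DIR="${HELPER_DIR:-/Library/PrivilegedHelperTools}"

# Print "distributed-objects", "xpc" or "unknown" for one helper binary.
classify_helper() {
    f="$1"
    # NSConnection is the Distributed Objects connection class; checked first
    # so a helper that links both models is still flagged.
    if LC_ALL=C grep -a -q -F '_OBJC_CLASS_$_NSConnection' "$f"; then
        echo "distributed-objects"
    elif LC_ALL=C grep -a -q -F '_OBJC_CLASS_$_NSXPCListener' "$f" ||
         LC_ALL=C grep -a -q -F 'xpc_connection_create_mach_service' "$f"; then
        echo "xpc"
    else
        echo "unknown"
    fi
}

# Print one "<kind><TAB><path>" line per regular file in the directory.
audit_helpers() {
    dir="${1:-$HELPER_DIR}"
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        printf '%s\t%s\n' "$(classify_helper "$f")" "$f"
    done
    return 0
}

# Stand-alone use: audit the given directory, or the default location.
audit_helpers "${1:-$HELPER_DIR}"
```

A helper reported as "xpc" has only moved to the newer transport; whether it verifies the connecting client still has to be reviewed separately.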