{"id":33114,"date":"2021-07-13T14:05:26","date_gmt":"2021-07-13T18:05:26","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=33114"},"modified":"2021-07-13T14:05:26","modified_gmt":"2021-07-13T18:05:26","slug":"teamviewer-local-privilege-escalation-vulnerability","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2021\/07\/13\/teamviewer-local-privilege-escalation-vulnerability\/","title":{"rendered":"TeamViewer Local Privilege Escalation Vulnerability"},"content":{"rendered":"

Csaba Fitzl<\/a> (tweet<\/a>):<\/p>\n

This is a rather old vulnerability I found in TeamViewer back in 2020, and reported it through VCP\/iDefense. TeamViewer fixed the vulnerability last November[…]<\/p>\n

The TeamViewer macOS client used a PrivilegedHelperTool named com.teamviewer.Helper<\/code> to perform specific tasks that require root<\/code>\npermissions. Back in 2020 it used a deprecate model to perform IPC communication, called Distributed Objects. It was wide open, and any client could invoke the remote object’s functions, and some of those lead to direct privilege escalation.<\/p><\/blockquote>\n\n

Previously:<\/p>\n