How severe is CVE-2024-41138?

CVE-2024-41138 has a CVSS v3 score of 7.1 (HIGH).

CVE-2024-41138

Name: teams
Author: microsoft

7.1HIGH

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can lever

Published: 12/18/2024Updated: 8/26/2025

Description

A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject a library and start the program to trigger this vulnerability and then make use of the vulnerable application's permissions.

AI AnalysisPowered by AI

Affected Products

microsoftteams

24046.2813.2770.1094

References

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1991
ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1991
ExploitThird Party Advisory