TeamViewer Flaw Risks Password Exposure

A vulnerability in the TeamViewer app could allow malicious actors to steal passwords.

The high-severity flaw was discovered in the desktop version of the app for Windows before 15.8.3. By exploiting the weakness, authenticated threat actors operating remotely could execute code on victims’ systems or crack their TeamViewer passwords.

TeamViewer is a proprietary software application that allows users to control a range of smart devices remotely to perform functions like file transfers, desktop sharing and web conferencing.

As a result of flaw CVE-2020-13699, TeamViewer Desktop for Windows does not properly quote its custom URI handlers. As a result, an attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking.

Victims could also be persuaded to go to a specific website set up by threat actors to steal credentials or personal data.

The flaw’s discoverer, security engineer at Praetorian, Jeffrey Hofmann, explained: “An attacker could embed a malicious iframe in a website with a crafted URL that would launch the TeamViewer Windows desktop client and force it to open a remote SMB share.”

According to Hofmann, most web browsers are set up to prevent attacks like this from happening.

He said: “Every modern browser except for Firefox URL encodes spaces when handing off to URI handlers which effectively prevents this attack.”

TeamViewer versions prior to 15.8.3 are vulnerable to the flaw, which has been fixed in the latest release.

Andy Harcup, VP, Absolute Software, commented: “Security flaws in certain software and applications will always be located and exploited by opportunistic cyber-attackers, and this latest revelation could potentially impact millions of Windows users.”

Harcup advised companies to protect their operating system by keeping up with the latest security updates.

“For users to ensure that they are kept safe from the influx of cyber-attacks now facing them, the IT operations team must ensure their systems are kept up-to-date, whilst training their staff to simultaneously maintain a high level of online vigilance and awareness toward internet safety protocol. It is important for enterprises to keep the operating system up-to-date with the latest security updates in order to ensure maximum protection.”

News Source: https://www.infosecurity-magazine.com/

Luke Coppin

Luke Coppin

Scroll to Top

The Email Hijack Problem

... and how to prevent it!

Here’s all the details about how hackers break into your email to plunder your bank account… and best of all it’s totally FREE.

Is Your Business Using Soon To Expire Technology?

All about your new data security nightmare ‘the 2020 problem’

1 in 3 businesses are affected..is yours one of them?… Get your guide now – best of all it’s totally FREE.

The New GDPR Law

It’s live and it has a big impact on your business.

Don’t get caught in the crosshairs! Here’s all the details, written it in human, not “law or tech speak”… best of all it’s totally FREE.