Security News > 2020 > August > TeamViewer Flaw Could Let Hackers Steal System Password Remotely

TeamViewer team recently released a new version of its software that includes a patch for a severe vulnerability, which, if exploited, could let remote attackers steal your system password and eventually compromise it.

Discovered by Jeffrey Hofmann of Praetorian, the newly reported high-risk vulnerability resides in the way TeamViewer quotes its custom URI handlers, which could allow an attacker to force the software to relay an NTLM authentication request to the attacker's system.

To successfully exploit the vulnerability, an attacker needs to embed a malicious iframe on a website and then trick victims into visiting that maliciously crafted URL. Once clicked by the victim, TeamViewer will automatically launch its Windows desktop client and open a remote SMB share.

The TeamViewer project has patched the vulnerability by quoting the parameters passed by the affected URI handlers e.g., URL:teamviewer10 Protocol "C:Program FilesTeamViewerTeamViewer.exe" "%1". Though the vulnerability is not being exploited in the wild as of now, considering the popularity of the software among millions of users, TeamViewer has always been a target of interest for attackers.

Users are highly recommended to upgrade their software to the 15.8.3, as it's hardly a matter of time before hackers started exploiting the flaw to hack into users' Windows PCs. A similar SMB-authentication attack vector was previously disclosed in Google Chrome, Zoom video conferencing app, and Signal messenger.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/eTw0TcKCH5M/teamviewer-password-hacking.html