Vulnerability in TeamViewer

  • CERT Admin
  • Tue Nov 03 2020
  • Alerts

Systems Affected

TeamViewer versions prior to 15.8.3


Overview

An attacker could run TeamViewer with arbitrary parameters on the targeted system.


Description

This vulnerability resides in TeamViewer due to improper quote of its custom URI handlers. TeamViewer is a program that can be used for desktop sharing, online meetings, web conferencing, and file transfer between systems. An attacker could use this vulnerability to force the program to relay an NTLM authentication request to the attacker's system allowing for offline rainbow table attacks and brute force cracking attempts.

Attacker also could do more damage due to stolen credentials from the successful exploitation of this vulnerability.


Impact

✻ Exposing confidential information to unauthorized parties

✻ Disruption to your day to day operations


Solution/ Workarounds

✻ Apply the latest update as mentioned in the vendor advisory https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448

✻ Refrain from clicking links received from unknown or un-trusted sources


References

✻ https://www.cisecurity.org/advisory/a-vulnerability-in-teamviewer-cloud-allow-for-offline-password-cracking_2020-106/

✻ https://www.cert-in.org.in/


Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.


Last updated: Tue Nov 03 2020