Systems Affected
TeamViewer versions prior to 15.8.3
Overview
An attacker could run TeamViewer with arbitrary parameters on the targeted system.
Description
This vulnerability resides in TeamViewer due to improper quote of its custom URI handlers. TeamViewer is a program that can be used for desktop sharing, online meetings, web conferencing, and file transfer between systems. An attacker could use this vulnerability to force the program to relay an NTLM authentication request to the attacker’s system allowing for offline rainbow table attacks and brute force cracking attempts.
Attacker also could do more damage due to stolen credentials from the successful exploitation of this vulnerability.
Impact
✻ Exposing confidential information to unauthorized parties
✻ Disruption to your day to day operations
Solution/ Workarounds
✻ Apply the latest update as mentioned in the vendor advisory https://community.teamviewer.com/t5/Announcements/Statement-on-CVE-2020-13699/td-p/98448
✻ Refrain from clicking links received from unknown or un-trusted sources
References
✻ https://www.cisecurity.org/advisory/a-vulnerability-in-teamviewer-cloud-allow-for-offline-password-cracking_2020-106/
✻ https://www.cert-in.org.in/
Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.