CYBER NEWS

CVE-2020-13699: Critical TeamViewer Flaw Allows Hackers To Exploit User Devices

TeamViewer has been found to feature a dangerous security vulnerability tracked in the CVE-2020-13699 advisory. It allows malicious users to exploit the installed running instances. At the moment the Windows version of the application is affected.




TeamViewer Windows Version Found To Be Vulnerable: Bug Tracked in the CVE-2020-13699 Advisory

The use of the TeamViewer application has risen during the COVID-19 pandemic around the world. For this reason remote accesss tools like it are likely to be the target of computer criminals trying to hack into individual computers or business networks. A security vulnerability was identified in the TeamViewer Windows application which is tracked in the CVE-2020-13699 advisory. This is an issue in the programming code of the program which allows hackers to abuse the way the application handles URI handlers – these are system addresses used to query elements.

The hackers can take advantage of the unpatched versions by creating specially-crafted sites — when they are clicked on the Windows client will be forced to run and open a SAMBA share. This is a network sharing feature of the operating system which allows for data to be made available over the network. The fault in the program’s programming code will interact with the Microsoft Windows operating system in order to authenticate the network share and allow the hackers to oversee remote code execution.

Related:
Computer security experts warn of a dangerous and ongoing attack against macOS users by using a flaw described in the CVE-2019-1457 advisory
CVE-2019-1457: macOS Users Hacked Via Macro-Infected Document Attacks

At the moment there are no reported cases of hackers abusing TeamViewer using these exploits. Also no public exploit code is available so potential hackers will not have the ability to implement it in their attacker frameworks. The TeamViewer has patched the vulnerability in version 15.8.3 of the Windows client. Affected versions are the Windows releases of TeamViewer from versions 8 to 15. The risk for home users is considered to be lower than business entities and government and business facilities.

Avatar

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts - Website

Follow Me:
TwitterGoogle Plus

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...