The URI will then trick the app into creating a connection with attacker-controlled remote Server Message Block (SMB) protocol.
To initiate the attack, the attacker could simply persuade a victim with TeamViewer installed on their system to click on crafted URL in a website – an opportunity for attackers to potentially launch watering-hole attacks. “An attacker could embed a malicious iframe in a website with a crafted URL () that would launch the TeamViewer Windows desktop client and force it to open a remote SMB share,” according to an advisory by Jeffrey Hofmann, security engineer at Praetorian, who disclosed the flaw. In this specific case, values are not “quoted” by the app – meaning that TeamViewer will treat them as commands rather than as input values. But because handler applications can receive data from untrusted sources, the URI values passed to the application may contain malicious data that attempts to exploit the app. The recently discovered flaw stems from the Desktop for Windows app ( CVE-2020-13699) not properly quoting its custom uniform resource identifier (URI) handlers.Īpps need to identify the URIs for the websites they will handle. TeamViewer is a proprietary software application used by businesses for remote-control functionalities, desktop sharing, online meetings, web conferencing and file transfer between computers. If exploited, the flaw could allow remote, unauthenticated attackers to execute code on users’ systems or crack their TeamViewer passwords. Popular remote-support software TeamViewer has patched a high-severity flaw in its desktop app for Windows.
0 kommentar(er)
