Are you a TeamViewer user? If yes, then make sure you’re using the latest version of the popular remote desktop connection software for Windows.

The TeamViewer team recently released a new version of its software that includes a patch for a critical flaw (CVE-2020-13699), which, if abused, could allow remote attackers to steal your system password and ultimately compromise the system.

Worse, the attack can be carried out almost automatically, with minimal interaction from the victims: the attacker only has to persuade them to visit a malicious web page once.

TeamViewer, a popular remote-support software, is available for desktop and mobile operating systems, including Windows, macOS, Linux, Chrome OS, iOS, Android, Windows RT, Windows Phone 8, and BlackBerry.

The newly reported high-risk flaw, discovered by Jeffrey Hofmann of Praetorian, exists in the way TeamViewer quotes its custom URI handlers, which could let a hacker force the software to relay an NTLM authentication request to the attacker’s system.

Simply put, a hacker can leverage TeamViewer’s URI scheme from a web page to trick the application installed on the victim’s system into initiating a connection to an attacker-owned remote SMB share.

To take advantage of the flaw, a hacker would have to embed a malicious iframe on a website and then trick victims into visiting that maliciously crafted URL. Once the victim clicks it, TeamViewer will automatically launch its Windows desktop client and open a remote SMB share.

Now, the victim’s Windows OS will “perform NTLM authentication when opening the SMB share and that request can be relayed (using a tool like responder) for code execution (or captured for hash cracking),” Hofmann said.

This flaw, branded as ‘Unquoted URI handler,’ affects “URI handlers teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1,” he added.

While the flaw is not being exploited in the wild at the moment, the software is popular among millions of users, and hackers have always used TeamViewer to further their nefarious designs.

Therefore, it’s highly recommended that users upgrade their software to version 15.8.3 as soon as possible.
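
Defenders can check whether any of the handlers listed above still passes its URL argument unquoted. The following is an added example, not code from TeamViewer or Praetorian: it audits a text registry export, assuming the export is already decoded to text, and the sample export, install path and command lines in it are constructed.

```python
import re

# Handler names quoted in the article.
HANDLERS = {"teamviewer10", "teamviewer8", "teamviewerapi", "tvchat1", "tvcontrol1",
            "tvfiletransfer1", "tvjoinv8", "tvpresent1", "tvsendfile1",
            "tvsqcustomer1", "tvsqsupport1", "tvvideocall1", "tvvpn1"}

KEY_RE = re.compile(r"^\[HKEY_CLASSES_ROOT\\([^\\\]]+)\\shell\\open\\command\]$", re.I)
DEFAULT_RE = re.compile(r'^@="(.*)"$')


def placeholder_quoted(command):
    """True only if every %1 sits inside a double-quoted argument."""
    hits = [m.start() for m in re.finditer(r"%1", command)]
    # An odd number of quotes before %1 means a quoted argument is still open.
    return bool(hits) and all(command.count('"', 0, pos) % 2 == 1 for pos in hits)


def audit(reg_text):
    """Map each article-listed scheme found in a .reg export to (command, quoted?)."""
    results, scheme = {}, None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            key = KEY_RE.match(line)
            scheme = key.group(1).lower() if key else None
            continue
        value = DEFAULT_RE.match(line)
        if value and scheme in HANDLERS:
            command = re.sub(r"\\(.)", r"\1", value.group(1))  # undo .reg escaping
            results[scheme] = (command, placeholder_quoted(command))
    return results


# Constructed sample export: install path and command lines are illustrative only.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\teamviewer10\shell\open\command]
@="\"C:\\Program Files (x86)\\TeamViewer\\TeamViewer.exe\" %1"

[HKEY_CLASSES_ROOT\tvvpn1\shell\open\command]
@="\"C:\\Program Files (x86)\\TeamViewer\\TeamViewer.exe\" \"%1\""
'''

if __name__ == "__main__":
    for name, (cmd, ok) in sorted(audit(SAMPLE).items()):
        print(f"{'ok      ' if ok else 'UNQUOTED'}  {name}: {cmd}")
```

A handler reported as UNQUOTED matches the condition the article describes; a quoted result does not by itself prove the handler is safe. Default values stored in hex-encoded form are not decoded by this sketch.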
