Users of the popular remote maintenance software TeamViewer should currently make sure that they have the latest version of the program installed.A security vulnerability was discovered in the application, which allows an attacker to hijack a session under certain circumstances.

TeamViewer

The vulnerability was discovered by a user on Reddit called xpl0yt, who published a so-called proof-of-concept on GitHub. Essentially, the direction of the remote access can be reversed. Someone who accesses another computer can suddenly become the target himself.
Also Read: Guest Access For Microsoft Teams Via Microsoft Account To Come In A Few Months

The acquisition of a TeamViewer session documented on GitHub was performed on Windows 10. However, according to The Hacker News, you have to place code via DLL Injector in TeamViewer.exe, which is possible if you have access to the respective computer.

As mentioned, the gap was discovered or tried on Windows 10, but it is not directly related to the operating system and also exists on macOS and Linux. The vulnerability was tested with TeamViewer version 13.0.5058 for Windows.The provider of the software has already closed them and provided a patch, in the current version 13.0.5640 such a reversal of the remote access is no longer possible.

Also Read: NiceHash: $68 Million Worth Of Bitcoins Stolen

TeamViewer recommends that you install the patched software immediately if you do it manually. If you have configured TeamViewer for automatic updates, you usually do not need to initiate the download, just follow the instructions on the screen. But there is no reason to worry. Because the gap is certainly serious, but also requires special circumstances and was quickly stuffed by TeamViewer.

Source

Leave a Reply