A critical vulnerability discovered in the TeamViewer software was discovered which could allow users sharing a desktop session to gain complete control of the other’s PC without permission. The GitHub user named Gellin has disclosed this new hole.
How does the hack work?
Gellin has published his proof-of-concept (PoC) code which is an injectable C++ DLL, it leverages “naked inline hooking and direct memory modification to change TeamViewer permissions“. The injectable C++ DLL injection can be used by both, the client and the server, which results as mentioned below:
If exploited by the Server—the hack allows viewers to enable “switch sides” feature, which is only active after the server authenticated control with the client, eventually allowing the server to initiate a change of control/sides.
If exploited by the Client—the hack allows the client to take control of the mouse and keyboard of the server “with disregard to servers current control settings and permissions.”
Windows, MacOS as well as Linux machines are all the same affected. The Reddit user xpl0yt who first publicized this vulnerability claimed to have been in contact with the TeamViewer security team, who confirmed him the existence of the vulnerability in its software and released a patch for Windows. TeamViewer users are recommended to install the patched versions of the software as soon as they become available.
What do you use? Let me know in the comment section.