If are you use remote support software TeamViewer then you should pay attention to a dangerous vulnerability identified in the software that could allow users sharing a desktop session to gain complete control of the other’s PC without permission.
TeamViewer is a popular remote-support software that lets you securely share your desktop or take full control of other’s PC over the Internet from wherever in the world.
For an unknown session to work both computers—the customer and the server (viewer)—necessity should be the software installed, and the patient has to share a secret authentication code with the person he wants to share his desktop.
Still, a GitHub user named “Gellin” has disclosed a vulnerability in that could allow the client (sharing its desktop session) to gain authorization of the viewer’s computer without permission.
Also Read:- 31 Million Client Registration Files Leaked
TeamViewer Could Be Handled By Anyone—Server Or Customer Gellin has also revealed a proof-of-concept (PoC) code, which is an injectable C++ DLL, which leverages “naked inline hooking and honest memory adjustment to change TeamViewer authorities.
The injectable C++ DLL (hack) can be managed by both, the client and the server, which issues as discussed below: If utilized by the Server—the hack allows observers to enable “switch teams” innovation, which is just active after the server confirmed limitation with the client, eventually allowing the server to initiate a change of control/sides.
If employed by the Client—the hack supports the client to take check of the mouse and keyboard of the server “with disregard to servers current control settings and permissions.”This vulnerability impressions TeamViewer reports working on Windows, macOS as well as Linux machines.
A Reddit user “xpl0yt,” who first publicized this vulnerability, claimed to have been in contact with the TeamViewer security team, who confirmed him the existence of the vulnerability in its software and scheduled a patch.
TeamViewer users are recommended to install the patched versions of the software as soon as they become available. Patches will be delivered automatically to those users who have configured their TeamViewer software to receive automatic updates.