{"id":4434,"date":"2017-12-07T01:13:00","date_gmt":"2017-12-07T00:13:00","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=4434"},"modified":"2017-12-06T22:15:05","modified_gmt":"2017-12-06T21:15:05","slug":"teamviewer-vulnerability-allows-permission-changes","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/12\/07\/teamviewer-vulnerability-allows-permission-changes\/","title":{"rendered":"TeamViewer: Vulnerability allows permission changes"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"http:\/\/www.borncity.com\/blog\/?p=198373\" target=\"_blank\">German<\/a>]The TeamViewer software, commonly used to remotely control computers, has a security vulnerability. This allows attackers to hijack a session and attack the target computer. A patch is available.<\/p>\n<p><!--more--><\/p>\n<p>At GitHub someone has published a <a href=\"https:\/\/github.com\/gellin\/TeamViewer_Permissions_Hook_V1\">Proof-of-Concept<\/a> exploit, which allows to use a security hole in TeamViewer totake over a remote session. The attacker must use a DLL injector to insert the code into the Teamviewer.<\/p>\n<p><a href=\"https:\/\/github.com\/gellin\/TeamViewer_Permissions_Hook_V1\/raw\/master\/server_switch_sides.gif?raw=true\"><img loading=\"lazy\" decoding=\"async\" title=\"Teamviewer-Angriff\" alt=\"Teamviewer-Angriff\" src=\"https:\/\/github.com\/gellin\/TeamViewer_Permissions_Hook_V1\/raw\/master\/server_switch_sides.gif?raw=true\" width=\"624\" height=\"465\"><\/a><br \/>(Source: GitHub) <\/p>\n<p>If this succeeds, the attacker can access the two computers involved in the Teamviewer session and, for example, change the direction for the remote session. Then the attacker can overtake the server or the client. The proof of concept was tested under Windows 10 with TeamViewer x86 version 13.0.5058. At reddit. com, where the whole thing was <a href=\"https:\/\/www.reddit.com\/r\/netsec\/comments\/7hfd84\/be_careful_on_teamviewer_switch_sides_bugtake\/\" target=\"_blank\">discussed<\/a>, somebody mentioned, that a patch for TeamViewer version 13.0.5640.0 is available. Further information can be found at <a href=\"https:\/\/thehackernews.com\/2017\/12\/teamviewer-hacking-tool.html\" target=\"_blank\">The Hacker News<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The TeamViewer software, commonly used to remotely control computers, has a security vulnerability. This allows attackers to hijack a session and attack the target computer. A patch is available.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,2],"tags":[69,1179],"class_list":["post-4434","post","type-post","status-publish","format-standard","hentry","category-security","category-windows","tag-security","tag-teamviewer"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4434","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=4434"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/4434\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=4434"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=4434"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=4434"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}