Teamviewer has just released an emergency patch that allows hackers to take control of the computer while they are in a remote computer control session.
The vulnerability was first discovered on Monday when Reddit user “ xployt ” said “be careful.” A user named " gellin " uploaded a PoC code (a C++ DLL file) to GitHub, tested on TeamViewer version 13.0.5058 to demonstrate "swapping positions" between two participants in a machine control session. count.
Both the server and client sides can use this file. If exploited on the server side, the hacker will "fire" the "position swap" feature and will only be effective when the remote control authentication has been completed with the client side.
If exploited by the client side, the hacker (from the client side) will take control of the mouse and keyboard without the permission of the server.
Either the server or the client can exploit this vulnerability
Basically, to exploit this vulnerability, both parties must authenticate the connection to each other. “Once the code is injected into the process, it changes memory values in the process, enabling GUI elements to change control. At that time, you do not need to be approved by the server, you can access and control the machine," Gellin said.
The TeamViewer team has released a patch for Windows, with patches for Linux and macOS also coming soon. Accordingly, you need to turn on the automatic update feature for TeamViewer to patch the vulnerability.