TeamViewer steal users’ password

 

TeamViewer port could be exploited to steal users’ password
TeamViewer has a high-risk vulnerability (CVE-2020-13699) could be exploited by remote attackers to steal users’ password, and could lead to further system exploitation.

What's TeamViewer?



TeamViewer is an application and is available for Windows, macOS, Linux, Chrome OS, iOS, Android, Windows RT Windows Phone 8 and BlackBerry operating systems, this application used primarily for remote access to control of various types of computer systems and mobile devices, but also offers many features.

Organizations have recently increased use of this program according to COVID-19 precautions, as many employees are forced to work from home.

What's vulnerability (CVE-2020-13699)?

CVE-2020-13699 is a security bug arising from an unquoted search path or element and could be exploited when the system with a vulnerable version of TeamViewer installed visits a maliciously crafted website.

This allow attacker embed a malicious in URL that would launch the TeamViewer Windows desktop client and force it to open a remote SMB share.

Windows will perform NTLM authentication when opening the SMB share and that request can be relayed.

According to the company, the vulnerability affects TeamViewer versions 8 through 15 (up to 15.8.2) for the Windows platform. Users are advised to upgrade to version 15.8.3 to close the hole.

So, we need to ask ourselves is TeamViewer safe for Remote connection ... and what happened can be classified as a real bug, or something else .... it's discovered with COVID19 and before that what was attackers doing in their hidden world?

you can watch our content about teamviewer

Comments

Post a Comment

Popular posts from this blog

TIKTOK Free Crypto Promo Code Scam Explained

Image
This article about how this scam Free Crypto giveaway that run on TikTok, including the deceptive tactics used to ensnare victims. We will outline the scam process step-by-step so you can identify these frauds before falling for them. Our guide will also provide tips on what to do if you lose money to one of these crypto cons. Keep reading to learn how to steer clear of TikTok cryptocurrency scams. Scammers are use videos and fake profiles on TikTok that show Crypto Promo Code, pretending to be associated with Famous People. They lure people in with the promise of free Crypto . You will find our video in Mango School channel ,,, sorry about that google don't accept links After entering the given promo code, you will receive Crypto in your account. But wait, this is just a trick to make you believe the giveaway is real.  When you try to withdraw the Crypto , they ask for an activation fee as a deposit . People who pay this fee will lose their money and never get anything in return.
Read-more »

Reason Cybersecurity rsenginesvc exe Uninstall Guide

Image
Many applications and websites can download not needed app like Reason Cybersecurity, you need to know, this is Reason Cybersecurity uninstall Guide, RsEnginesvc.exe is a part of an old Reason up Cybersecurity What is Reason Cybersecurity ? Reason Cybersecurity is an old robust antivirus program that protects your Windows system from many cyber threats, including malware, ransomware, and spyware. It's like having a vigilant guard continuously monitoring your digital environment, ensuring your data remains safe from known and emerging threats. How to uninstall / remove Reason Cybersecurity ? What can  Reason Cybersecurity do? * Reason cybersecurity is not listed in Programs and Features. * You do not have sufficient access to uninstall Reason. * A file required for this uninstallation to complete could not be run. Method 2: Remove Reason that can't appear in apps by using the same steps * An error has occurred. Not all of the files were successfully uninstalled. * Another proces
Read-more »