TeamViewer Flaw in Windows App Allows Password-Cracking

Popular remote-support software TeamViewer has patched a high-severity flaw in its desktop app for Windows. If exploited, the flaw could allow remote, unauthenticated attackers to execute code on users’ systems or crack their TeamViewer passwords.

TeamViewer is a proprietary software application used by businesses for remote-control functionalities, desktop sharing, online meetings, web conferencing and file transfer between computers. The recently discovered flaw stems from the Desktop for Windows app (CVE-2020-13699) not properly quoting its custom uniform resource identifier (URI) handlers.

Read more…
Source: ThreatPost