PT-2020-3665 · Teamviewer · Teamviewer+1
Published
2020-05-08
·
Updated
2021-12-27
·
CVE-2020-13699
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
TeamViewer Desktop for Windows versions prior to 15.8.3
TeamViewer versions 8.0 through 14.7
Description
TeamViewer registers a number of custom URI schemes as Windows URL protocol handlers, and the command lines behind them did not properly quote the parameter passed in from the URI. A malicious website can therefore use a link or redirect such as teamviewer10: --play URL to launch TeamViewer with arbitrary command-line parameters. When --play is pointed at a UNC path on an attacker-controlled host, Windows sends an NTLM authentication request to that host, which the attacker can relay or capture for offline password cracking.
The affected URI handlers are teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1.
Recommendations
For TeamViewer Desktop for Windows versions prior to 15.8.3, update to version 15.8.3 or later to resolve the issue.
For TeamViewer versions 8.0 through 14.7, update to the corresponding fixed version: 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, or 14.7.48350.
If you cannot update immediately, restrict or remove the registration of the affected URI handlers on the client (teamviewer10 and the other schemes listed above), which prevents a browser from launching TeamViewer through them at the cost of breaking legitimate teamviewer10: links. Blocking outbound SMB/NTLM from workstations to the internet also limits what an attacker gains from a forced authentication.
The --play parameter, which takes the path of a session recording to replay, is the parameter abused in the known attack; the fixed versions address the handler quoting so that a web page can no longer inject it.
Exploit
Fix
Argument Injection
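The following PowerShell is an added example, not code from TeamViewer or from the original advisory. It audits the Windows URL-protocol registrations for the handler schemes listed above and reports, per scheme, whether it is registered, the command template behind it, whether the %1 placeholder is quoted, and the file version of the executable it launches, so the result can be compared against the fixed builds given in the recommendations. It also implements the workaround of removing a handler's registration. Assumptions: the standard HKCR\<scheme>\shell\open\command layout that Windows uses for URL protocols, and that an unquoted %1 is the symptom of the quoting flaw described in this advisory; treat the version column as the authoritative check.

```powershell
# Added example, not TeamViewer's own code and not part of the original advisory.
# Audits the URL-protocol handlers named in the advisory and reports whether the
# %1 placeholder is quoted and which TeamViewer.exe build they launch.
# Assumes the standard HKCR\<scheme>\shell\open\command registration layout.
# Run in an elevated PowerShell session on the client being checked.

$Handlers = @(
    'teamviewer10', 'teamviewer8', 'teamviewerapi', 'tvchat1', 'tvcontrol1',
    'tvfiletransfer1', 'tvjoinv8', 'tvpresent1', 'tvsendfile1', 'tvsqcustomer1',
    'tvsqsupport1', 'tvvideocall1', 'tvvpn1'
)

function Test-QuotedPlaceholder {
    # $true when every %1 in the command template is wrapped in double quotes.
    # Heuristic for the quoting flaw described above (an assumption, see lead-in).
    param([Parameter(Mandatory)][string]$Command)
    $remaining = $Command -replace '"%1"', ''
    return -not ($remaining -match '%1')
}

function Get-HandlerExecutable {
    # The first token of the template, quoted or bare, is the program launched.
    param([Parameter(Mandatory)][string]$Command)
    if ($Command -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($Command -match '^\s*(\S+)')     { return $Matches[1] }
    return $null
}

function Get-TeamViewerUriHandlerReport {
    param([string[]]$Schemes = $Handlers)
    foreach ($scheme in $Schemes) {
        $key = "Registry::HKEY_CLASSES_ROOT\$scheme\shell\open\command"
        if (-not (Test-Path -LiteralPath $key)) {
            [pscustomobject]@{
                Scheme = $scheme; Registered = $false; Command = $null
                QuotedArg = $null; ExeVersion = $null
            }
            continue
        }
        $cmd = (Get-ItemProperty -LiteralPath $key).'(default)'
        $exe = Get-HandlerExecutable -Command $cmd
        $ver = $null
        if ($exe -and (Test-Path -LiteralPath $exe)) {
            # File version of the launched binary; compare with the fixed builds.
            $ver = (Get-Item -LiteralPath $exe).VersionInfo.FileVersion
        }
        [pscustomobject]@{
            Scheme = $scheme; Registered = $true; Command = $cmd
            QuotedArg = Test-QuotedPlaceholder -Command $cmd; ExeVersion = $ver
        }
    }
}

function Disable-TeamViewerUriHandler {
    # Workaround for hosts that cannot be updated yet: drop the protocol
    # registration so a browser can no longer hand a URI to TeamViewer.
    # Legitimate <scheme>: links stop working until TeamViewer is updated or
    # reinstalled, which re-registers the handler.
    param([Parameter(Mandatory)][string]$Scheme)
    $key = "Registry::HKEY_CLASSES_ROOT\$Scheme"
    if (Test-Path -LiteralPath $key) {
        Remove-Item -LiteralPath $key -Recurse -Force
    }
}

Get-TeamViewerUriHandlerReport | Format-Table -AutoSize

# To apply the workaround to every registered handler on an unpatched host:
# Get-TeamViewerUriHandlerReport | Where-Object Registered |
#     ForEach-Object { Disable-TeamViewerUriHandler -Scheme $_.Scheme }
```

A handler that shows Registered = True with an ExeVersion below the fixed build for its major version is the case the advisory describes; the QuotedArg column is only a secondary indicator, since the fix TeamViewer shipped is identified by version, and the example only infers the quoting from the command template it finds.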
Affected Products
Teamviewer
Teamviewer Desktop For Windows