Popular remote access and troubleshooting app, TeamViewer has patched a vulnerability that could let attackers quietly establish a connection to your computer and further exploit the system.
When successfully exploited, this bug would let an unauthenticated, remote actor execute code on your Windows PC, or obtain password hashes (e.g., for cracking via brute-force).
Assigned
CVE-2020-13699, the high severity bug falls under a special category of security vulnerabilities, dubbed
Unquoted Search Path or Element (CWE-428). These take advantage of the fact, arguments being passed to a program are not "quoted."
This can cause a program to treat the arguments as direct commands, rather than an input value.
... ...
