TeamViewer 12 GPAPI.dll DLL Hijack

2018.01.03
Risk: Medium
Local: Yes
Remote: No
CVE: N/A
CWE: N/A

Affected Product: Teamviewer 12 Client for Windows PC Credit: Souhardya Sardar and Rohit Bankoti Contact : facebook.com/SouhardyaSardar.py *Summary:* Gom Player Installer contains a dll hijack vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system and gain elevated privileges. The vulnerability exists due to some DLL file is loaded by 'TeamViewer.exe' improperly. And it allows an attacker to load this DLL file of the attacker as choosing that could execute arbitrary code without the user's knowledge. *Tested on*: Windows 7 Ultimate 6.1.7601 Service Pack 1 Build 7601 *Impact:* Attacker can exploit this vulnerability to load a DLL file of the attacker's choosing that could execute arbitrary code. This may help attacker to successfully exploit the system if user creates shell as a DLL. POC : # Vulnerable Library: GPAPI.dll Dir : C:\Program Files\TeamViewer Create malicious DLL GPAPI.dll Additionally Privilege Escalation can be done if the TeamViewer Client is running on Higher Privileges e.g NT\AUTHORITY


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top