Discover Security Vulnerabilities News
TeamViewer RPM repo left door open for malicious packages
A vulnerability discovered in TeamViewer RPM auto-updates on Linux allowed attackers to easily install and execute arbitrary software with root permissions. Luckily, TeamViewer has fixed this flaw in version 15.11.6.
Three months ago, I discovered a security vulnerability in TeamViewer RPM auto-updates on Linux. The vulnerability allowed an attacker-in-the-middle (AITM) to subvert the TeamViewer RPM package repository to install and execute arbitrary software with root permissions.
First thing first: TeamViewer followed best practices and used cryptographic signing (GPG) on the repository metadata and its software packages. These measures should have prevented anyone from tampering with either the repository or any of its packages. However, it assumes that the system has a copy of TeamViewer’s public GPG key.