{"id":6407,"date":"2024-04-09T14:06:33","date_gmt":"2024-04-09T12:06:33","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=6407"},"modified":"2024-04-09T14:06:33","modified_gmt":"2024-04-09T12:06:33","slug":"teamviewer-macos-klijent-ranjivost","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2024\/04\/09\/teamviewer-macos-klijent-ranjivost\/","title":{"rendered":"TeamViewer macOS client vulnerability"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">A <em>TeamViewer<\/em> <em>macOS<\/em> client vulnerability <a href=\"https:\/\/www.teamviewer.com\/en-us\/resources\/trust-center\/security-bulletins\/tv-2024-1002\/\" target=\"_blank\" rel=\"noopener\">has been discovered<\/a> that puts users of older versions of the <em>macOS<\/em> operating system at significant risk. The <em>symlink<\/em> flaw can allow <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">malicious actors<\/a> to escalate their privileges within the operating system on the targeted device and potentially cause greater damage.<\/span><\/p>\n<div id=\"attachment_6408\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-6408\" class=\"size-full wp-image-6408\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS.jpg\" alt=\"TeamViewer macOS\" width=\"1024\" height=\"1024\" srcset=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS.jpg 1024w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS-300x300.jpg 300w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS-150x150.jpg 150w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS-768x768.jpg 768w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS-12x12.jpg 12w, 
https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS-80x80.jpg 80w, https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/04\/TeamViewer-macOS-320x320.jpg 320w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><p id=\"caption-attachment-6408\" class=\"wp-caption-text\"><em>TeamViewer macOS client vulnerability; Source: Bing Image Creator<\/em><\/p><\/div>\n\n<h2><span class=\"ez-toc-section\" id=\"TEAMVIEWER\"><\/span><span style=\"font-size: 14pt;\"><strong><em>TEAMVIEWER<\/em><\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>TeamViewer<\/em> is proprietary software for remote access, remote control and remote maintenance of computers and other endpoint devices, released in 2005. The software allows users to remotely control other computers and devices on <em>Windows<\/em>, <em>macOS<\/em>, <em>Android<\/em>, and <em>iOS<\/em> platforms, which makes it a popular tool for technical support, system administration and remote collaboration.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">One of the significant advantages of <em>TeamViewer<\/em> lies in its compatibility with computers behind firewalls and <em>proxy<\/em> servers. This capability increases its usefulness, making the program a reliable choice for users facing network restrictions. 
In addition, the application supports multi-monitor setups, providing a versatile solution for users with advanced display configurations.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">However, using <em>TeamViewer<\/em> also carries some risks. The main potential problem to keep in mind with <em>TeamViewer<\/em> is that, if used improperly, it can leave devices open to abuse by third parties. Although <em>TeamViewer<\/em> connections are encrypted, anyone who can log in to a session on a user's device would have unrestricted access to its data.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"TEAMVIEWER_RANJIVOST_CVE-2024-1933\"><\/span><strong><span style=\"font-size: 14pt;\"><em>TEAMVIEWER<\/em> VULNERABILITY <em>CVE-2024-1933<\/em><\/span><\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">The discovered <em>TeamViewer<\/em> vulnerability is tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-1933\" target=\"_blank\" rel=\"noopener\"><em>CVE-2024-1933<\/em><\/a> (with a <em>CVSS3.0<\/em> score of 7.1) and affects versions of the <em>TeamViewer<\/em> <em>macOS<\/em> client prior to version <em>15.52<\/em>. The issue is a <em>symlink<\/em> attack, a type of exploitation in which an attacker creates a symbolic link (<em>symlink<\/em>) that points to an unexpected location, potentially allowing them to elevate their privileges on the system or carry out a <em>Denial of Service<\/em> (<em>DoS<\/em>) attack.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Symbolic links (<em>symlinks<\/em>) are a type of file that acts as a shortcut, pointing to another file or directory. 
If software does not handle symbolic links carefully, attackers can manipulate them to overwrite critical system files or gain unauthorized access. Attackers with unauthorized access to a vulnerable system could exploit this vulnerability for various malicious purposes.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">By exploiting this vulnerability, attackers could elevate their privileges to higher levels, allowing them to execute arbitrary code with greater control over the system or to use privileged access to view sensitive <a href=\"https:\/\/sajberinfo.com\/en\/2023\/04\/16\/podaci-uvod-epizoda-1\/\" target=\"_blank\" rel=\"nofollow noopener\">data<\/a> and steal it. There is also the risk of <a href=\"https:\/\/sajberinfo.com\/en\/2021\/09\/26\/malware\/\" target=\"_blank\" rel=\"nofollow noopener\">malware<\/a> being installed, which can disrupt the device's operation, corrupt data or deny access to the device and its services.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZASTITA\"><\/span><span style=\"font-size: 14pt;\"><strong>PROTECTION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>TeamViewer<\/em> has already released a fix in the new version <em>15.52<\/em>, and users should upgrade to version <em>15.52<\/em> or later as soon as possible.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>A TeamViewer macOS client vulnerability has been discovered that puts users of older versions of the macOS operating system at significant risk. 
The symlink flaw can allow malicious actors to escalate their privileges within the operating system on the targeted device and&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":6408,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[960,961,284,144,93,959,469,126],"class_list":["post-6407","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-cve-2024-1933","tag-denial-of-service","tag-dos","tag-macos","tag-malware","tag-symlink","tag-teamviewer","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6407","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=6407"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6407\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/6408"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=6407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=6407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=6407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}