TeamViewer is a popular remote-support software that allows users to securely share their desktop or take full control of other’s PC over the Internet from anywhere in the world. The vulnerability resides in the way the software quotes its custom URI handlers, which could allow an attacker to force the software to relay an NTLM authentication request to the attacker’s system. To exploit the vulnerability, an attacker needs to embed a malicious iframe on a website and then trick victims into visiting that maliciously crafted URL.
Source: https://thehackernews.com/2020/08/teamviewer-password-hacking.html