CVE-2025-64995

Medium CVSS: 6.5

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges.

Vendor

Teamviewer

Product

Digital Employee Experience

CWE

CWE-427

Yayın Tarihi

2025-12-11 12:16:26

Güncelleme

2026-01-09 02:02:53

Source Identifier

psirt@teamviewer.com

KEV Date Added

Kategoriler

CWE-427 Digital Employee Experience MEDIUM Teamviewer 2025

Referanslar

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/

Benzer Kayıtlar

Medium

CVE-2026-23565

A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior versi…

Medium

CVE-2026-23566

A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior versi…

Medium

CVE-2026-23567

An integer underflow in the UDP command handler of the TeamViewer DEX Client (former 1E Client) - Content Distribution S…

Medium

CVE-2026-23568

An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (Noma…

Medium

CVE-2026-23569

An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (Noma…

Medium

CVE-2026-23570

A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution S…