CVE-2025-64989

Name of the Vulnerable Software and Affected Versions TeamViewer DEX versions prior to 21.1

Description A command injection issue exists in TeamViewer DEX (formerly 1E DEX) within the 1E-Explorer-TachyonCore-FindFileBySizeAndHash instruction. Insufficient input validation allows authenticated attackers possessing Actioner privileges to inject arbitrary commands. Successful exploitation allows for the remote execution of elevated commands on connected devices.

Recommendations Update TeamViewer DEX to version 21.1 or later.