CVE-2025-64990

Name of the Vulnerable Software and Affected Versions TeamViewer DEX (former 1E DEX) versions prior to 21.1

Description A command injection issue exists in TeamViewer DEX (formerly 1E DEX) due to improper input validation. This affects the 1E-Explorer-TachyonCore-LogoffUser instruction. An authenticated attacker with Actioner privileges can inject arbitrary commands, leading to remote execution of elevated commands on connected devices.

Recommendations Update TeamViewer DEX to version 21.1 or later.