CVE-2025-64991

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TeamViewer DEX (former 1E DEX) versions prior to 15

Description A command injection issue exists in TeamViewer DEX (formerly 1E DEX) within the 1E-PatchInsights-Deploy instruction. Insufficient input validation allows authenticated attackers possessing Actioner privileges to inject arbitrary commands. Successful exploitation allows for the remote execution of elevated commands on devices connected to the platform.

Recommendations Update to version 15 or later.

Fix

RCE

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-77

Related Identifiers

CVE-2025-64991

Affected Products

1E Dex

Teamviewer Dex

CVE-2025-64991

Weakness Enumeration

Related Identifiers

Affected Products

References · 6