CVE-2025-64992

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TeamViewer DEX (former 1E DEX) versions prior to V25

Description A command injection issue exists in TeamViewer DEX (formerly 1E DEX) related to the 1E-Nomad-PauseNomadJobQueue instruction. Insufficient input validation allows authenticated attackers possessing Actioner privileges to inject arbitrary commands. Successful exploitation allows remote execution of elevated commands on devices connected to the platform.

Recommendations Update to version V25 or later.

Fix

RCE

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-77

Related Identifiers

CVE-2025-64992

Affected Products

1E Dex

Teamviewer Dex

CVE-2025-64992

Weakness Enumeration

Related Identifiers

Affected Products

References · 6