Security Advisory

CVE-2025-64988

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-11 11:26:48

Last updated 2025-12-11 16:52:33

Assigner TV

State PUBLISHED

Description

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform.

← Browse all CVEs View on cve.org ↗