Vulnerability Database

314,433

Total vulnerabilities in the database

CVE-2025-64988

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform.

Published: Dec 11, 2025
Updated: Dec 17, 2025
CVE: CVE-2025-64988
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.2
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-20

Affected Software
References

No affected software listed.

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo