Vulnerability Database

314,433

Total vulnerabilities in the database

CVE-2025-64990

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform.

Published: Dec 11, 2025
Updated: Dec 17, 2025
CVE: CVE-2025-64990
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-20

Affected Software
References

No affected software listed.

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo