← voltar
CVE-2025-64995

Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction

CVSS 6.5 MEDIUMEPSS 0.1%CWE-427
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.5EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 dez 2025Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges.
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
TeamViewer · DEX

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/