exploitDog

CVE-2025-64994

Опубликовано: 11 дек. 2025

Источник: nvd

CVSS3: 6.5

CVSS3: 6.7

EPSS Низкий

Описание

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-SetWorkRate instruction prior V17.1. The improper handling of executable search paths could allow local attackers with write access to a PATH directory on a device to escalate privileges and execute arbitrary code as SYSTEM.

Ссылки

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:teamviewer:digital_employee_experience:*:*:*:*:*:*:*:*

Версия до 17.1 (исключая)

EPSS

Процентиль: 3%

0.00016

Низкий

6.5 Medium

CVSS3

6.7 Medium

CVSS3

Дефекты

CWE-427

Связанные уязвимости

GHSA-2rf3-6xwj-242m

CVSS3: 6.5

github

около 2 месяцев назад

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-SetWorkRate instruction prior V17.1. The improper handling of executable search paths could allow local attackers with write access to a PATH directory on a device to escalate privileges and execute arbitrary code as SYSTEM.

EPSS

Процентиль: 3%

0.00016

Низкий

6.5 Medium

CVSS3

6.7 Medium

CVSS3

Дефекты

CWE-427