exploitDog

CVE-2025-64995

Опубликовано: 11 дек. 2025

Источник: nvd

CVSS3: 6.5

CVSS3: 6.7

EPSS Низкий

Описание

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges.

Ссылки

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:teamviewer:digital_employee_experience:*:*:*:*:*:*:*:*

Версия до 3.4 (исключая)

EPSS

Процентиль: 3%

0.00016

Низкий

6.5 Medium

CVSS3

6.7 Medium

CVSS3

Дефекты

CWE-427

Связанные уязвимости

GHSA-mhm2-77w6-f4f8

CVSS3: 6.5

github

около 2 месяцев назад

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges.

EPSS

Процентиль: 3%

0.00016

Низкий

6.5 Medium

CVSS3

6.7 Medium

CVSS3

Дефекты

CWE-427