teamviewer 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk input validation、バッファオーバーフロー、パス処理の欠陥, and vendor risk memory corruption があり、vendor surface software deployment の利用場面で vendor impact unexpected behavior、アプリケーションクラッシュ, and vendor impact memory corruption などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-23571 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-RunPkgStatusRequest instruction. Improper input validation allows authenticated attackers with actioner privilege to run elevated arbitrary commands on connected hosts via malicious commands injected into the instruction’s input field. Users of 1E Client version 24.5 or higher are not affected. | [email protected] | 6.8 | 0.11% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23570 | A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged or nonsensical datetime prefixes and compromising log integrity and forensic correlation. | [email protected] | 6.5 | 0.06% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23569 | An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack memory could be used to bypass ASLR remotely and facilitate exploitation of other vulnerabilities on the affected system. | [email protected] | 6.5 | 0.05% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23568 | An out-of-bounds read vulnerability in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked memory could be used to bypass ASLR and facilitate further exploitation. | [email protected] | 5.4 | 0.01% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23567 | An integer underflow in the UDP command handler of the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to trigger a heap-based buffer overflow and cause a denial-of-service (service crash) via specially crafted UDP packets. | [email protected] | 6.5 | 0.02% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23566 | A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. This can impact log integrity and nonrepudiation. | [email protected] | 6.5 | 0.06% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23565 | A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause the NomadBranch.exe process to terminate via crafted requests. This can result in a denial-of-service condition of the Content Distribution Service. | [email protected] | 6.5 | 0.06% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23564 | A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive information. | [email protected] | 6.5 | 0.01% | 2026-01-29 | 2026-02-11 |
| CVE-2026-23563 | Improper Link Resolution Before File Access (invoked by 1E‑Explorer‑TachyonCore‑DeleteFileByPath instruction) in TeamViewer DEX - 1E Client before version 26.1 on Windows allows a low‑privileged local attacker to delete protected system files via a crafted RPC control junction or symlink that is followed when the delete instruction executes. | [email protected] | 5.7 | 0.03% | 2026-01-29 | 2026-02-11 |
| CVE-2025-64995 | A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges. | [email protected] | 6.5 | 0.01% | 2025-12-11 | 2026-01-09 |
| CVE-2025-64994 | A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-SetWorkRate instruction prior V17.1. The improper handling of executable search paths could allow local attackers with write access to a PATH directory on a device to escalate privileges and execute arbitrary code as SYSTEM. | [email protected] | 6.5 | 0.01% | 2025-12-11 | 2026-01-09 |
| CVE-2025-64993 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 6.8 | 0.06% | 2025-12-11 | 2026-01-09 |
| CVE-2025-64992 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-PauseNomadJobQueue instruction prior V25. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 6.8 | 0.06% | 2025-12-11 | 2026-01-09 |
| CVE-2025-64991 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-PatchInsights-Deploy instruction prior V15. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 6.8 | 0.06% | 2025-12-11 | 2026-01-09 |
| CVE-2025-64990 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-LogoffUser instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 6.8 | 0.14% | 2025-12-11 | 2026-01-14 |
| CVE-2025-64989 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-FindFileBySizeAndHash instruction prior V21.1. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 7.2 | 0.21% | 2025-12-11 | 2026-01-14 |
| CVE-2025-64988 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Nomad-GetCmContentLocations instruction prior V19.2. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 7.2 | 0.22% | 2025-12-11 | 2026-01-14 |
| CVE-2025-64987 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-CheckSimpleIoC instruction. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 7.2 | 0.22% | 2025-12-11 | 2026-01-14 |
| CVE-2025-64986 | A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-DevicesListeningOnAPort instruction prior V21. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform. | [email protected] | 7.2 | 0.22% | 2025-12-11 | 2026-01-14 |
| CVE-2025-46266 | A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to coerce the service into transmitting data to an arbitrary internal IP address, potentially leaking sensitive information. | [email protected] | 4.3 | 0.03% | 2025-12-11 | 2026-01-14 |