TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data

TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data

Posted on By CWS

A number of essential vulnerabilities in TeamViewer DEX Shopper’s Content material Distribution Service (NomadBranch.exe), previously a part of 1E Shopper.

Affecting Home windows variations earlier than 25.11 and choose older branches, the failings stem from improper enter validation (CWE-20), probably enabling attackers on the native community to execute code, crash the service, or leak delicate knowledge.

Essentially the most extreme challenge, CVE-2025-44016 (CVSS 3.1 base rating: 8.8 Excessive), permits bypassing file integrity checks. By crafting a request with a sound hash for malicious code, attackers can trick the service into treating it as trusted, enabling arbitrary code execution inside the NomadBranch context.

Complementing this are two medium-severity flaws. CVE-2025-12687 (CVSS 6.5 Medium) triggers a denial-of-service (DoS) crash through a specifically crafted command, halting the service completely. In the meantime, CVE-2025-12687 (CVSS 4.3 Medium) coerces the service into sending knowledge to an arbitrary inner IP handle, risking the publicity of delicate data.

All vulnerabilities require adjoining community entry (AV:A), making them viable threats in peer-to-peer or shared LAN environments. Notably, no proof suggests wild exploitation up to now. Installations with NomadBranch disabled in its default state are unaffected, as is the TeamViewer Distant/Tensor “DEX Necessities” add-on.

TeamViewer has patched these in model 25.11.0.29 and hotfixes for legacy branches:

Launch VersionDownload Link25.11.0.291E Shopper 25.1125.9.0.46 (HF-PLTPKG-524)HF-PLTPKG-52425.5.0.53 LTSB (HF-PLTPKG-526)HF-PLTPKG-52624.5.0.69 LTSB (HF-PLTPKG-525)Help Portal

CVE-2025-46266 is mounted solely in 25.11 and later. Organizations ought to prioritize updates, confirm NomadBranch standing, and phase networks to mitigate adjoining assaults.

As distant entry instruments come underneath growing scrutiny, this disclosure underscores the necessity for sturdy enter validation in content material distribution providers.

Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to characteristic your tales.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Hackers Weaponized Open VSX Extension with Sophisticated Malware After Reaching 5066 Downloads Hackers Weaponized Open VSX Extension with Sophisticated Malware After Reaching 5066 Downloads Cyber Security News
Python-based PyRAT with Cross-Platform Capabilities and Extensive Remote Access Features Python-based PyRAT with Cross-Platform Capabilities and Extensive Remote Access Features Cyber Security News
DrayOS Routers Vulnerability Let Attackers Execute Malicious Code Remotely DrayOS Routers Vulnerability Let Attackers Execute Malicious Code Remotely Cyber Security News
6 Million FTP Servers Still Exposed in 2026, Report Reveals 6 Million FTP Servers Still Exposed in 2026, Report Reveals Cyber Security News
AI-Powered Phishing and QR Code Threats Rise in 2025 AI-Powered Phishing and QR Code Threats Rise in 2025 Cyber Security News
Lessons From Salesforce/Salesloft Drift Data Breaches Lessons From Salesforce/Salesloft Drift Data Breaches Cyber Security News