CVE-2025-64986 - CVE-2025-64986

Threat Intelligence

Low Risk

EPSS Score: 0.29% chance of exploitation (percentile: 52%)

🔍 Detection Tools: None available in major open-source tools

⚔️ Exploit Availability: No public exploits found

What is it?

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Explorer-TachyonCore-DevicesListeningOnAPort instruction prior V21. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform.

Am I affected?

You're affected if you use A command. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.

How to fix

No public patch link found in the advisory. Contact the vendor directly for remediation guidance. As immediate mitigation: restrict network access to affected systems if possible.

References

www.teamviewer.com