TeamViewer DEX is a remote desktop protocol used by TeamViewer, a popular remote access software. This vulnerability allows attackers to inject arbitrary commands on devices connected to the platform, potentially leading to unauthorized system modifications or data exfiltration.
You're affected if you use A command. Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.
Upgrade to TeamViewer DEX version 19.2 or later.
- Immediate mitigations:
- Restrict network access to your TeamViewer instance (firewall it from the public internet)
- Audit admin account activity for suspicious access patterns
- Monitor for unauthorized token creation