SB2025121125 - Multiple vulnerabilities in Teamviewer Digital Employee Experience (DEX)
Published: December 11, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 10 secuirty vulnerabilities.
1) OS Command Injection (CVE-ID: CVE-2025-64986)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
2) OS Command Injection (CVE-ID: CVE-2025-64987)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
3) OS Command Injection (CVE-ID: CVE-2025-64988)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
4) OS Command Injection (CVE-ID: CVE-2025-64989)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
5) OS Command Injection (CVE-ID: CVE-2025-64990)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Note, execution of the command needs additional approval of high privileged user other than the attacker.
6) OS Command Injection (CVE-ID: CVE-2025-64991)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Note, execution of the command needs additional approval of high privileged user other than the attacker.
7) OS Command Injection (CVE-ID: CVE-2025-64992)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Note, execution of the command needs additional approval of high privileged user other than the attacker.
8) OS Command Injection (CVE-ID: CVE-2025-64993)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation. A remote user with Actioner privileges can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Note, execution of the command needs additional approval of high privileged user other than the attacker.
9) Untrusted search path (CVE-ID: CVE-2025-64994)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path within the 1E-Nomad-SetWorkRate instruction. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.
10) Untrusted search path (CVE-ID: CVE-2025-64995)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.
Remediation
Install update from vendor's website.