CVE-2025-64993

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform.

More information : https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/