TeamViewer DEX Client Integer Underflow Vulnerability Leading to Heap-Based Buffer Overflow
Vulnerability
An integer underflow vulnerability has been identified in the UDP command handler of the TeamViewer DEX Client (formerly 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows. This vulnerability allows an adjacent network attacker to trigger a heap-based buffer overflow, causing a denial-of-service condition by crashing the service. The issue arises from the improper handling of specially crafted UDP packets.
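The bug class named above, shown as an added example that is not TeamViewer's code and not the NomadBranch protocol: an unsigned length subtraction that wraps on a short datagram, beside a parser that validates before subtracting. The wire format, `HDR_LEN` and both function names are hypothetical, chosen only for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical wire format for illustration only (NOT the NomadBranch protocol):
 * 2-byte command id, 2-byte big-endian declared payload length, then payload. */
#define HDR_LEN 4u

/* Flawed pattern: unsigned subtraction with no lower-bound check.
 * For pkt_len < HDR_LEN the result wraps to a huge size_t, which a later
 * memcpy() into a heap buffer would use as its copy length. */
static size_t payload_len_unchecked(size_t pkt_len)
{
    return pkt_len - HDR_LEN;
}

/* Hardened pattern: validate before subtracting, then bound the copy by both
 * the bytes actually received and the destination capacity. 0 on success. */
static int parse_cmd_checked(const uint8_t *pkt, size_t pkt_len,
                             uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (pkt == NULL || out == NULL || out_len == NULL)
        return -1;
    if (pkt_len < HDR_LEN)
        return -2;                       /* too short: subtraction would wrap */
    size_t avail = pkt_len - HDR_LEN;    /* safe: pkt_len >= HDR_LEN */
    size_t declared = ((size_t)pkt[2] << 8) | pkt[3];
    if (declared > avail)
        return -3;                       /* header claims more than was received */
    if (declared > out_cap)
        return -4;                       /* would overflow the destination */
    memcpy(out, pkt + HDR_LEN, declared);
    *out_len = declared;
    return 0;
}

int main(void)
{
    /* Constructed sample datagrams. */
    const uint8_t runt[2] = {0x00, 0x01};
    const uint8_t good[7] = {0x00, 0x01, 0x00, 0x03, 'a', 'b', 'c'};
    uint8_t buf[16];
    size_t n = 0;
    printf("unchecked length, 2-byte datagram: %zu\n", payload_len_unchecked(sizeof runt));
    printf("checked runt -> %d\n", parse_cmd_checked(runt, sizeof runt, buf, sizeof buf, &n));
    printf("checked good -> %d\n", parse_cmd_checked(good, sizeof good, buf, sizeof buf, &n));
    return 0;
}
```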
Impact
Exploitation of this vulnerability leads to a heap-based buffer overflow, causing the NomadBranch.exe process to crash and creating a denial-of-service condition for the Content Distribution Service.
Remediation
Users are advised to update to TeamViewer DEX Client version 26.1 or the latest available version. Installations with the Content Distribution Service disabled are not affected.
