Primary

Context

TeamViewer DEX Command Injection Vulnerability Allowing Privilege Escalation

Vulnerability

Patched

A command injection vulnerability has been identified in TeamViewer DEX (formerly 1E DEX), specifically within the 1E-Nomad-RunPkgStatusRequest instruction. This vulnerability arises from improper input validation, which allows authenticated attackers with actioner privileges to execute elevated arbitrary commands on connected hosts by injecting malicious commands into the instruction's input field. Users of the 1E Client version 24.5 or higher are not affected.

Impact

Exploitation of this vulnerability allows for command injection, enabling authenticated attackers to execute arbitrary commands with elevated privileges on the affected host.

Remediation

To address this vulnerability, users should update to 1E Client version 26.1 or higher and remove the 1E-Nomad-RunPkgStatusRequest instruction from the DEX Portal.

Added: Jan 29, 2026, 9:19 AM

Updated: Jan 29, 2026, 5:10 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.8

remediation

8.3

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.8

remediation

8.3

relevance

2.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TeamViewer DEX Command Injection Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

1E Client

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating