CVE-2025-64995

Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction

Description

A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the device during execution, to hijack the process and execute arbitrary code with SYSTEM privileges.

INFO

Published Date :

2025-12-11T11:29:50.467Z

Last Modified :

2025-12-11T14:40:43.196Z

Source :

TV

AFFECTED PRODUCTS

The following products are affected by CVE-2025-64995 vulnerability.

Vendors	Products
Teamviewer	Dex Digital Employee Experience

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-64995.

URL	Resource
https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact