Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
A broken access control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for higher‑privileged roles. An attacker with low‑privileged credentials may exploit this to gain unauthorized access to administrative or sensitive functionality.
AnalysisAI
Broken access control in TeamViewer DEX Platform (On-Premises) before version 9.2 allows authenticated low-privileged users to invoke administrative API endpoints and access sensitive resources outside their authorized scope. The root cause is CWE-862 (Missing Authorization) - backend API endpoints omit proper role-based authorization checks despite confirming user identity. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog at time of analysis, but the network-accessible attack vector and low complexity make exploitation straightforward for any user holding valid platform credentials.
Technical ContextAI
TeamViewer DEX is an on-premises digital employee experience platform with a backend API layer. CWE-862 (Missing Authorization) describes a pattern where code performs authentication - confirming the user's identity - but skips or incorrectly implements the authorization step that enforces what that identity is permitted to do. The affected component is the backend API surface, where certain endpoints expose administrative or sensitive operations without checking the caller's role. The affected CPE is cpe:2.3:a:teamviewer:dex_(on-premises):*:*:*:*:*:*:*:*, covering all versions from 0 up to (but not including) 9.2 as cataloged by ENISA EUVD-2026-31420 and the vendor's own advisory TV-2026-1005. The tag 'Authentication Bypass' aligns with the practical effect: a user authenticated at a low-privilege tier can bypass intended role boundaries.
RemediationAI
Upgrade TeamViewer DEX Platform (On-Premises) to version 9.2 or later, which is the vendor-confirmed fix release per advisory TV-2026-1005 at https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1005/. If immediate patching is not operationally feasible, restrict access to the DEX administrative API endpoints at the network perimeter using firewall rules that limit API reachability to trusted IP ranges or dedicated administrative networks, reducing the pool of potential authenticated attackers. Additionally, audit and minimize the number of active low-privileged accounts on the platform, and enable API access logging to detect anomalous calls to high-privilege endpoints as a compensating detective control. Network segmentation does not remediate the underlying CWE-862 authorization flaw and must be treated as a temporary measure only; patching to 9.2 remains the required remediation.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31420
GHSA-x4qq-w73c-72mv