Digital Employee Experience
Monthly
TeamViewer DEX versions below 24.5 allow authenticated users with actioner privileges to execute arbitrary elevated commands on connected hosts through inadequate input validation in the 1E-Nomad-RunPkgStatusRequest instruction. An attacker with these credentials could inject malicious commands to gain unauthorized system access and control. The vulnerability requires user interaction and high-level privileges but carries a significant risk due to the potential for complete system compromise.
Log timestamp tampering in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to inject malicious UDP Sync commands that corrupt event timestamps, undermining log integrity and forensic investigation capabilities. This input validation flaw affects Windows deployments of the NomadBranch service and could enable attackers to obscure the timeline of malicious activities or create misleading audit trails. No patch is currently available for this medium-severity vulnerability.
TeamViewer DEX Client versions before 26.1 contain an out-of-bounds read in the Content Distribution Service that enables remote attackers to leak stack memory and trigger denial of service without authentication. Successful exploitation could disclose memory contents useful for bypassing address space layout randomization and chaining with other vulnerabilities. No patch is currently available for this medium-severity flaw affecting Windows deployments.
Information disclosure and denial-of-service in TeamViewer DEX Client versions before 26.1 allows adjacent network attackers to trigger an out-of-bounds read via specially crafted packets, potentially leaking sensitive memory that could be leveraged to bypass ASLR protections. Affected Windows systems running the NomadBranch.exe content distribution service are vulnerable to attacks requiring only network proximity, with no authentication or user interaction needed.
Denial-of-service in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to crash the NomadBranch.exe service by sending specially crafted UDP packets that trigger a heap buffer overflow. The vulnerability stems from an integer underflow in the UDP command handler that can be exploited without authentication or user interaction. Currently, no patch is available and the attack requires network adjacency to the affected system.
Log tampering in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to inject, modify, or forge entries in the NomadBranch.log file through the UDP network handler, compromising log integrity and audit trail reliability. An attacker with network access can send crafted packets to the Content Distribution Service to manipulate logging records without authentication, potentially obscuring malicious activity or creating false audit entries.
TeamViewer DEX Client versions prior to 26.1 contain a null pointer dereference in the NomadBranch.exe Content Distribution Service that allows adjacent network attackers to crash the process without authentication. An attacker can exploit this vulnerability to disable the Content Distribution Service, causing a denial-of-service condition on affected Windows systems. No patch is currently available.
Digital Employee Experience is affected by cleartext transmission of sensitive information (CVSS 6.5).
Digital Employee Experience versions up to 26.1 is affected by improper link resolution before file access (CVSS 5.7).
TeamViewer DEX versions below 24.5 allow authenticated users with actioner privileges to execute arbitrary elevated commands on connected hosts through inadequate input validation in the 1E-Nomad-RunPkgStatusRequest instruction. An attacker with these credentials could inject malicious commands to gain unauthorized system access and control. The vulnerability requires user interaction and high-level privileges but carries a significant risk due to the potential for complete system compromise.
Log timestamp tampering in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to inject malicious UDP Sync commands that corrupt event timestamps, undermining log integrity and forensic investigation capabilities. This input validation flaw affects Windows deployments of the NomadBranch service and could enable attackers to obscure the timeline of malicious activities or create misleading audit trails. No patch is currently available for this medium-severity vulnerability.
TeamViewer DEX Client versions before 26.1 contain an out-of-bounds read in the Content Distribution Service that enables remote attackers to leak stack memory and trigger denial of service without authentication. Successful exploitation could disclose memory contents useful for bypassing address space layout randomization and chaining with other vulnerabilities. No patch is currently available for this medium-severity flaw affecting Windows deployments.
Information disclosure and denial-of-service in TeamViewer DEX Client versions before 26.1 allows adjacent network attackers to trigger an out-of-bounds read via specially crafted packets, potentially leaking sensitive memory that could be leveraged to bypass ASLR protections. Affected Windows systems running the NomadBranch.exe content distribution service are vulnerable to attacks requiring only network proximity, with no authentication or user interaction needed.
Denial-of-service in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to crash the NomadBranch.exe service by sending specially crafted UDP packets that trigger a heap buffer overflow. The vulnerability stems from an integer underflow in the UDP command handler that can be exploited without authentication or user interaction. Currently, no patch is available and the attack requires network adjacency to the affected system.
Log tampering in TeamViewer DEX Client versions prior to 26.1 allows adjacent network attackers to inject, modify, or forge entries in the NomadBranch.log file through the UDP network handler, compromising log integrity and audit trail reliability. An attacker with network access can send crafted packets to the Content Distribution Service to manipulate logging records without authentication, potentially obscuring malicious activity or creating false audit entries.
TeamViewer DEX Client versions prior to 26.1 contain a null pointer dereference in the NomadBranch.exe Content Distribution Service that allows adjacent network attackers to crash the process without authentication. An attacker can exploit this vulnerability to disable the Content Distribution Service, causing a denial-of-service condition on affected Windows systems. No patch is currently available.
Digital Employee Experience is affected by cleartext transmission of sensitive information (CVSS 6.5).
Digital Employee Experience versions up to 26.1 is affected by improper link resolution before file access (CVSS 5.7).