Unrated severityNVD Advisory· Published Dec 11, 2025· Updated Dec 11, 2025

Command Injection in 1E-ConfigMgrConsoleExtensions Instructions

CVE-2025-64993

Description

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote execution of elevated commands on devices connected to the platform.

Affected products

Dexidp/Dexllm-fuzzy
TeamViewer/DEXv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1006/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000