Arbitrary Code Execution Vulnerability in TeamViewer DEX Client for Windows
CVE-2025-44016

8.8HIGH

Key Information:

Vendor: Teamviewer
Status: Dex
Vendor: CVE Published:; 11 December 2025

What is CVE-2025-44016?

A vulnerability exists in the TeamViewer DEX Client (formerly 1E client) related to the Content Distribution Service (NomadBranch.exe) on Windows. This flaw allows attackers to circumvent file integrity checks by sending a crafted request with a valid hash for a malicious file. As a result, the service may incorrectly identify the file as trustworthy, leading to the execution of arbitrary code within the context of the Nomad Branch service.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

DEX Windows 0 < 25.11.0.29

DEX Windows 0 <= 25.9.0.46

DEX Windows 0 <= 25.5.0.53

References

https://www.teamviewer.com/en/resources/trust-center/secu...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Apr 30, 2025

Credit

Threat Hunt Team of Bank of America

JSON

Teamviewer

What is CVE-2025-44016?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.