Data Transmission Vulnerability in TeamViewer DEX Client for Windows
CVE-2025-46266

4.3MEDIUM

Key Information:

Vendor: Teamviewer
Status: Dex
Vendor: CVE Published:; 11 December 2025

What is CVE-2025-46266?

The TeamViewer DEX Client (formerly known as the 1E Client) for Windows is susceptible to a vulnerability whereby the Content Distribution Service (NomadBranch.exe) can be manipulated by malicious actors. This may allow unauthorized data transmission to an arbitrary internal IP address, posing a significant risk of sensitive information leakage. Users of versions prior to 25.11 should be vigilant regarding this security concern and consider promptly updating to secure their systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

DEX Windows 0 < 25.11.0.29

References

https://www.teamviewer.com/en/resources/trust-center/secu...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 11, 2025
Vulnerability Reserved
Apr 30, 2025

Credit

Threat Hunt Team of Bank of America

JSON

Teamviewer

What is CVE-2025-46266?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.