Vulnerability-Lookup

CNVD-2026-12564

Vulnerability from cnvd - Published: 2026-03-04

Title

TeamViewer DEX Client输入验证错误漏洞

Description

TeamViewer DEX Client是德国TeamViewer公司的一个数字化员工体验和终端管理软件。 TeamViewer DEX Client 26.1之前版本存在输入验证错误漏洞，该漏洞源于Content Distribution Service缺少对用户控制值的验证，攻击者可利用该漏洞导致日志时间戳被篡改。

Severity

中

Patch Name

TeamViewer DEX Client输入验证错误漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.teamviewer.com/en/download/windows/

Reference

https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001/

Impacted products

Name
TeamViewer DEX Client <26.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2026-23570",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2026-23570"
    }
  },
  "description": "TeamViewer DEX Client\u662f\u5fb7\u56fdTeamViewer\u516c\u53f8\u7684\u4e00\u4e2a\u6570\u5b57\u5316\u5458\u5de5\u4f53\u9a8c\u548c\u7ec8\u7aef\u7ba1\u7406\u8f6f\u4ef6\u3002\n\nTeamViewer DEX Client 26.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eContent Distribution Service\u7f3a\u5c11\u5bf9\u7528\u6237\u63a7\u5236\u503c\u7684\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u65e5\u5fd7\u65f6\u95f4\u6233\u88ab\u7be1\u6539\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.teamviewer.com/en/download/windows/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2026-12564",
  "openTime": "2026-03-04",
  "patchDescription": "TeamViewer DEX Client\u662f\u5fb7\u56fdTeamViewer\u516c\u53f8\u7684\u4e00\u4e2a\u6570\u5b57\u5316\u5458\u5de5\u4f53\u9a8c\u548c\u7ec8\u7aef\u7ba1\u7406\u8f6f\u4ef6\u3002\r\n\r\nTeamViewer DEX Client 26.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eContent Distribution Service\u7f3a\u5c11\u5bf9\u7528\u6237\u63a7\u5236\u503c\u7684\u9a8c\u8bc1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u65e5\u5fd7\u65f6\u95f4\u6233\u88ab\u7be1\u6539\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "TeamViewer DEX Client\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "TeamViewer DEX Client \u003c26.1"
  },
  "referenceLink": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001/",
  "serverity": "\u4e2d",
  "submitTime": "2026-02-05",
  "title": "TeamViewer DEX Client\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2026-23570 (GCVE-0-2026-23570)

Vulnerability from cvelistv5 – Published: 2026-01-29 08:50 – Updated: 2026-01-29 15:45

Title

Log timestamp tampering vulnerability in Content Distribution Service

Summary

A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged or nonsensical datetime prefixes and compromising log integrity and forensic correlation.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

CWE-20 - Improper Input Validation

Assigner

References

URL

Tags

https://www.teamviewer.com/en/resources/trust-cen…

Impacted products

	Vendor	Product	Version
	TeamViewer	DEX	Affected: 0 , < 26.1 (custom)

Credits

Threat Hunt Team of Bank of America

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23570",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-29T15:41:12.827915Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-29T15:45:56.209Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "Content Distribution Service",
            "NomadBranch.exe"
          ],
          "platforms": [
            "Windows"
          ],
          "product": "DEX",
          "vendor": "TeamViewer",
          "versions": [
            {
              "lessThan": "26.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Threat Hunt Team of Bank of America"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged or nonsensical datetime prefixes and compromising log integrity and forensic correlation."
            }
          ],
          "value": "A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged or nonsensical datetime prefixes and compromising log integrity and forensic correlation."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-93",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-93 Log Injection-Tampering-Forging"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-29T08:50:52.882Z",
        "orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
        "shortName": "TV"
      },
      "references": [
        {
          "url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update the TeamViewer DEX Client (1E Client) to the latest available version."
            }
          ],
          "value": "Update the TeamViewer DEX Client (1E Client) to the latest available version."
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Log timestamp tampering vulnerability in Content Distribution Service",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6",
    "assignerShortName": "TV",
    "cveId": "CVE-2026-23570",
    "datePublished": "2026-01-29T08:50:52.882Z",
    "dateReserved": "2026-01-14T13:54:40.322Z",
    "dateUpdated": "2026-01-29T15:45:56.209Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2026-12564

CVE-2026-23570 (GCVE-0-2026-23570)

Tags

Sightings

Nomenclature