{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-44016","assignerOrgId":"13430f76-86eb-43b2-a71c-82c956ef31b6","state":"PUBLISHED","assignerShortName":"TV","dateReserved":"2025-04-30T08:08:15.948Z","datePublished":"2025-12-11T11:24:37.520Z","dateUpdated":"2025-12-11T17:20:33.878Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["Content Distribution Service","NomadBranch.exe"],"platforms":["Windows"],"product":"DEX","vendor":"TeamViewer","versions":[{"lessThan":"25.11.0.29","status":"affected","version":"0","versionType":"custom"},{"changes":[{"at":"HF-PLTPKG-524","status":"unaffected"}],"lessThanOrEqual":"25.9.0.46","status":"affected","version":"0","versionType":"custom"},{"changes":[{"at":"HF-PLTPKG-526","status":"unaffected"}],"lessThanOrEqual":"25.5.0.53","status":"affected","version":"0","versionType":"custom"},{"changes":[{"at":"HF-PLTPKG-525","status":"unaffected"}],"lessThanOrEqual":"24.5.0.69","status":"affected","version":"0","versionType":"custom"}]}],"credits":[{"lang":"en","type":"finder","value":"Threat Hunt Team of Bank of America"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an attacker can cause the service to incorrectly validate and process the file as trusted, enabling arbitrary code execution under the Nomad Branch service context."}],"value":"A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an attacker can cause the service to incorrectly validate and process the file as trusted, enabling arbitrary code execution under the Nomad Branch service context."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"ADJACENT_NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"13430f76-86eb-43b2-a71c-82c956ef31b6","shortName":"TV","dateUpdated":"2025-12-11T11:24:37.520Z"},"references":[{"url":"https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2025-1005/"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Update the TeamViewer DEX client to the latest available version."}],"value":"Update the TeamViewer DEX client to the latest available version."}],"source":{"discovery":"EXTERNAL"},"title":"File Hash Validation Bypass in NomadBranch.exe","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-12-11T17:20:04.181566Z","id":"CVE-2025-44016","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-11T17:20:33.878Z"}}]}}