{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2695", "assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6", "state": "PUBLISHED", "assignerShortName": "TV", "dateReserved": "2026-02-18T14:30:36.890Z", "datePublished": "2026-05-13T16:09:08.776Z", "dateUpdated": "2026-05-13T17:45:24.249Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6", "shortName": "TV", "dateUpdated": "2026-05-13T16:09:08.776Z"}, "title": "Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-20", "description": "CWE-20 Improper input validation", "type": "CWE"}]}], "affected": [{"vendor": "TeamViewer", "product": "DEX (On-Premises)", "modules": ["Platform"], "versions": [{"status": "affected", "version": "0", "lessThan": "9.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "A command\ninjection vulnerability was discovered\u00a0in TeamViewer DEX Platform On-Premises\n(former 1E DEX Platform On-Premises) prior to version 9.2.\u00a0Improper input validation allows\nauthenticated users with at least questioner privileges to inject commands in specific\ninstructions. Exploitation could lead to execution of elevated commands on\ndevices connected to the platform.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>A command\ninjection vulnerability was discovered&nbsp;in TeamViewer DEX Platform On-Premises\n(former 1E DEX Platform On-Premises) prior to version 9.2.&nbsp;Improper input validation allows\nauthenticated users with at least questioner privileges to inject commands in specific\ninstructions. Exploitation could lead to execution of elevated commands on\ndevices connected to the platform.&nbsp;</p>"}]}], "references": [{"url": "https://www.teamviewer.com/de/resources/trust-center/security-bulletins/tv-2026-1004/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}}], "solutions": [{"lang": "en", "value": "Update to the latest version (v9.2 or the latest available version).", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Update to the latest version (v9.2 or the latest available version)."}]}], "credits": [{"lang": "en", "value": "Lockheed Martin Red Team", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-13T17:19:55.259243Z", "id": "CVE-2026-2695", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-13T17:45:24.249Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2695", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-13T17:19:55.259243Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-13T17:45:18.243Z"}}], "cna": {"title": "Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Lockheed Martin Red Team"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "TeamViewer", "modules": ["Platform"], "product": "DEX (On-Premises)", "versions": [{"status": "affected", "version": "0", "lessThan": "9.2", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to the latest version (v9.2 or the latest available version).", "supportingMedia": [{"type": "text/html", "value": "Update to the latest version (v9.2 or the latest available version).", "base64": false}]}], "references": [{"url": "https://www.teamviewer.com/de/resources/trust-center/security-bulletins/tv-2026-1004/"}], "x_generator": {"engine": "Vulnogram 1.0.2"}, "descriptions": [{"lang": "en", "value": "A command\ninjection vulnerability was discovered\u00a0in TeamViewer DEX Platform On-Premises\n(former 1E DEX Platform On-Premises) prior to version 9.2.\u00a0Improper input validation allows\nauthenticated users with at least questioner privileges to inject commands in specific\ninstructions. Exploitation could lead to execution of elevated commands on\ndevices connected to the platform.", "supportingMedia": [{"type": "text/html", "value": "<p>A command\ninjection vulnerability was discovered&nbsp;in TeamViewer DEX Platform On-Premises\n(former 1E DEX Platform On-Premises) prior to version 9.2.&nbsp;Improper input validation allows\nauthenticated users with at least questioner privileges to inject commands in specific\ninstructions. Exploitation could lead to execution of elevated commands on\ndevices connected to the platform.&nbsp;</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper input validation"}]}], "providerMetadata": {"orgId": "13430f76-86eb-43b2-a71c-82c956ef31b6", "shortName": "TV", "dateUpdated": "2026-05-13T16:09:08.776Z"}}}, "cveMetadata": {"cveId": "CVE-2026-2695", "state": "PUBLISHED", "dateUpdated": "2026-05-13T17:45:24.249Z", "dateReserved": "2026-02-18T14:30:36.890Z", "assignerOrgId": "13430f76-86eb-43b2-a71c-82c956ef31b6", "datePublished": "2026-05-13T16:09:08.776Z", "assignerShortName": "TV"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A command\ninjection vulnerability was discovered\u00a0in TeamViewer DEX Platform On-Premises\n(former 1E DEX Platform On-Premises) prior to version 9.2.\u00a0Improper input validation allows\nauthenticated users with at least questioner privileges to inject commands in specific\ninstructions. Exploitation could lead to execution of elevated commands on\ndevices connected to the platform."}], "id": "CVE-2026-2695", "lastModified": "2026-05-13T18:10:51.227", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "psirt@teamviewer.com", "type": "Secondary"}]}, "published": "2026-05-13T17:16:19.453", "references": [{"source": "psirt@teamviewer.com", "url": "https://www.teamviewer.com/de/resources/trust-center/security-bulletins/tv-2026-1004/"}], "sourceIdentifier": "psirt@teamviewer.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "psirt@teamviewer.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,9.2)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "DEX (On-Premises)", "source": "cna", "vendor": "TeamViewer"}, "product": "dex", "vendor": "teamviewer"}], "created": "2026-05-13T19:00:15.980109+00:00", "updated": "2026-05-14T14:34:12.692232+00:00", "vendors": ["teamviewer", "teamviewer$PRODUCT$dex"]}