Log timestamp tampering vulnerability in Content Distribution Service_CVE-2026-23570

6.5 / 10

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Description

A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged or nonsensical datetime prefixes and compromising log integrity and forensic correlation.

Basic Information

ID CVE-2026-23570

Source TV

Published Jan 29, 2026 at 08:50

Affected Product

Vendor TeamViewer

Product DEX

Affected Versions TeamViewer DEX 0

CWE Classification

CWE-20

References

www.teamviewer.com /en/resources/trust-center/security-bulletins/tv-2026-1001/

{
    "lastseen": "",
    "description": "A missing validation of a user-controlled value in the TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged or nonsensical datetime prefixes and compromising log integrity and forensic correlation.",
    "published": "2026-01-29T08:50:52.882Z",
    "modified": "2026-01-29T08:50:52.882Z",
    "type": "cve",
    "title": "Log timestamp tampering vulnerability in Content Distribution Service",
    "source": "TV",
    "references": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001/",
    "id": "CVE-2026-23570",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20"
    ],
    "cvelist": null,
    "sourceData": "TeamViewer DEX 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DEX",
    "version": "0",
    "vendor": "TeamViewer",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}