Broken Access Control in TeamViewer DEX Platform (On Premises)

5.4 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Description

A broken access
control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior version 9.2. Certain backend API endpoints do not
correctly enforce authorization checks, allowing an authenticated user with low
privileges to perform actions and access resources intended only for higher‑privileged roles. An attacker with
low‑privileged credentials may exploit
this to gain unauthorized access to administrative or sensitive functionality.

Basic Information

ID CVE-2026-8381

Source TV

Published May 22, 2026 at 08:29

Affected Product

Vendor TeamViewer

Product DEX (On-premises)

Affected Versions TeamViewer DEX (On-premises) 0

CWE Classification

CWE-862

References

www.teamviewer.com /en/resources/trust-center/security-bulletins/tv-2026-1005/

{
    "lastseen": "",
    "description": "A broken access\ncontrol vulnerability exists in the TeamViewer DEX Platform (On\u2011Premises) prior version 9.2. Certain backend API endpoints do not\ncorrectly enforce authorization checks, allowing an authenticated user with low\nprivileges to perform actions and access resources intended only for higher\u2011privileged roles.\u00a0An attacker with\nlow\u2011privileged credentials may exploit\nthis to gain unauthorized access to administrative or sensitive functionality.",
    "published": "2026-05-22T08:29:16.451Z",
    "modified": "2026-05-22T08:29:16.451Z",
    "type": "cve",
    "title": "Broken Access Control in TeamViewer DEX Platform (On Premises)",
    "source": "TV",
    "references": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1005/",
    "id": "CVE-2026-8381",
    "bulletinFamily": "",
    "cwe": [
        "CWE-862"
    ],
    "cvelist": null,
    "sourceData": "TeamViewer DEX (On-premises) 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DEX (On-premises)",
    "version": "0",
    "vendor": "TeamViewer",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Broken Access Control in TeamViewer DEX Platform (On Premises)_CVE-2026-8381