CVE-2026-23566 - Vulnerability Details

- Log Injection in Content Distribution Service UDP Handler

Description

A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. This can impact log integrity and nonrepudiation.

Published: 2026-01-29

Score: 6.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The vulnerability enables an attacker on the same network to craft UDP packets that are processed by the Content Distribution Service (NomadBranch.exe) in the TeamViewer DEX Client. By injecting malicious data, the attacker can insert, modify, or forge entries in the Nomad Branch.log file, thereby compromising the integrity of log data and undermining nonrepudiation guarantees. This flaw is a classic input validation issue (CWE‑20).

Affected Systems

Affected systems include the TeamViewer Digital Employee Experience (DEX) Client, formerly known as 1E Client, on Windows platforms. Versions before 26.1 are vulnerable; users should verify they are on version 26.1 or newer. No other products are listed.

Risk and Exploitability

The CVSS base score of 6.5 indicates a moderate severity. The EPSS score of less than 1% suggests a very low probability of exploitation in the wild, and the flaw is not currently listed in the CISA Known Exploited Vulnerabilities catalog. The attack requires the adversary to be on the adjacent network and to send crafted UDP packets to the service's handler; it does not require advanced credentials or bypass of authentication, but it can lead to misleading audit trails if the logs are relied upon for incident response.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

TeamViewer

DEX

unaffected

Version	Status	Constraints
`0`	affected	< 26.1

Configuration 1 [-]

AND

cpe:2.3:a:teamviewer:digital_employee_experience:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Teamviewer	Dex	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

Vendor Solution

Update the TeamViewer DEX Client (1E Client) to the latest available version.

OpenCVE Recommended Actions

Update the TeamViewer DEX Client to the latest available version.
If an immediate update is not possible, block or filter UDP traffic that targets the Content Distribution Service on the affected machines.
Ensure that logs are stored in a tamper‑resistant manner, such as using dedicated log management solutions with signed entries, to preserve integrity.

Generated by OpenCVE AI on April 18, 2026 at 01:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00064.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001/

History

Wed, 11 Feb 2026 19:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Microsoft Microsoft windows Teamviewer digital Employee Experience
CPEs		cpe:2.3:a:teamviewer:digital_employee_experience:::::::: cpe:2.3:o:microsoft:windows:-:::::::*
Vendors & Products		Microsoft Microsoft windows Teamviewer digital Employee Experience

Fri, 30 Jan 2026 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Teamviewer Teamviewer dex
Vendors & Products		Teamviewer Teamviewer dex

Thu, 29 Jan 2026 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 29 Jan 2026 09:00:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. This can impact log integrity and nonrepudiation.
Title		Log Injection in Content Distribution Service UDP Handler
Weaknesses		CWE-20
References		https://www.teamviewer.com/en/resources/trust-center/security-bulletins/tv-2026-1001/
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}`

Subscriptions

Microsoft Windows

Teamviewer Dex Digital Employee Experience

MITRE

Status: PUBLISHED

Assigner: TV

Published: 2026-01-29T08:46:02.075Z

Updated: 2026-01-29T16:44:19.585Z

Reserved: 2026-01-14T13:54:40.322Z

Link: CVE-2026-23566

Vulnrichment

Updated: 2026-01-29T15:56:49.011Z

NVD

Status : Analyzed

Published: 2026-01-29T09:16:04.217

Modified: 2026-02-11T19:42:27.537

Link: CVE-2026-23566

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T01:45:33Z

Weaknesses

CWE-20

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object