CVE-2026-8381
Broken Access Control in TeamViewer DEX Platform (On Premises)
CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
9th
A broken access control vulnerability exists in the TeamViewer DEX Platform (On‑Premises) prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for higher‑privileged roles. An attacker with low‑privileged credentials may exploit this to gain unauthorized access to administrative or sensitive functionality.
| CWE | CWE-862 |
| Vendor | teamviewer |
| Product | dex (on-premises) |
| Published | May 22, 2026 |
| Last Updated | May 22, 2026 |
Stay Ahead of the Next One
Get instant alerts for teamviewer dex (on-premises)
Be the first to know when new medium vulnerabilities affecting teamviewer dex (on-premises) are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None
Affected Versions
TeamViewer / DEX (On-premises)
0 < 9.2