CVE-2025-44016 HIGH

CVE-2025-44016: File Hash Validation Bypass in NomadBranch.exe

Vendor Teamviewer

Product DEX

Weakness CWE-20 · Input validation

Published December 11, 2025

Last update December 11, 2025

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Adjacent

Attack complexity Low

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to bypass file integrity validation via a crafted request. By providing a valid hash for a malicious file, an attacker can cause the service to incorrectly validate and process the file as trusted, enabling arbitrary code execution under the Nomad Branch service context.

Key dates

02Disclosure timeline

December 11, 2025 CVE published

December 11, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-44016

Related vulnerabilities

Identifiers

CVE CVE-2025-44016

CWE CWE-20

CVSS 8.8 / HIGH

Affected versions

Vendor Teamviewer

Product DEX

Affected < 25.11.0.29

Vendor Teamviewer

Product DEX

Affected ≤ 25.9.0.46

Vendor Teamviewer

Product DEX

Affected ≤ 25.5.0.53

Vendor Teamviewer

Product DEX

Affected ≤ 24.5.0.69

CVE-2025-44016: File Hash Validation Bypass in NomadBranch.exe

01Description

02Disclosure timeline

03References

04Related CVE