Anydesk

Anydesk

16 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-27916

Exploit
  • EPSS 0.04%
  • Veröffentlicht 06.11.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 17:16:13

An issue was discovered in AnyDesk for Windows before 9.0.6 and AnyDesk for Android before 8.0.0. When the connection between two clients is established via an IP address, it is possible to manipulate the data and spoof the AnyDesk ID.

7.5

CVE-2025-27917

Exploit
  • EPSS 0.2%
  • Veröffentlicht 06.11.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 17:16:13

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. Remote Denial of Service can occur because of incorrect d...

9.8

CVE-2025-27918

Exploit
  • EPSS 0.06%
  • Veröffentlicht 06.11.2025 00:00:00
  • Zuletzt bearbeitet 08.12.2025 17:16:13

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffe...

8.2

CVE-2025-27919

Exploit
  • EPSS 0.04%
  • Veröffentlicht 06.11.2025 00:00:00
  • Zuletzt bearbeitet 12.11.2025 17:15:37

An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can manipulate remote AnyDesk settings and create a password for the Full Access profile without needing confirmation from the counter...

5.5

CVE-2024-12754

  • EPSS 2.98%
  • Veröffentlicht 30.12.2024 17:15:07
  • Zuletzt bearbeitet 14.08.2025 18:46:10

AnyDesk Link Following Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on...

7.5

CVE-2024-52940

  • EPSS 13.92%
  • Veröffentlicht 18.11.2024 05:15:05
  • Zuletzt bearbeitet 18.11.2024 17:11:17

AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes a public IP address within network traffic. The attacker must know the victim's AnyDesk ID.

7.5

CVE-2023-26509

  • EPSS 0.22%
  • Veröffentlicht 03.07.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:51:38

AnyDesk 7.0.8 allows remote Denial of Service.

6.5

CVE-2021-44425

Exploit
  • EPSS 0.11%
  • Veröffentlicht 12.09.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:30:56

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker unauthoriz...

8.8

CVE-2021-44426

Exploit
  • EPSS 0.45%
  • Veröffentlicht 12.09.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:30:56

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local ~/Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an atta...

7.1

CVE-2022-32450

Exploit
  • EPSS 0.12%
  • Veröffentlicht 18.07.2022 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:06:22

AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there.