CVE-2025-34499

Sažetak

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-level system permissions.

Reference

http://anydesk.com
http://anydesk.com/download
https://www.exploit-db.com/exploits/51968
https://www.exploit-db.com/exploits/52258
https://www.vulncheck.com/advisories/anydesk-unquoted-service-path-privilege-escalation-vulnerability

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

12-12-2025 - 15:17

Objavljeno

11-12-2025 - 22:15