CVE-2019-25261

High CVSS: 8.5

AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the unquoted binary path to place malicious files in service executable locations, potentially gaining elevated system privileges.

Vendor

Anydesk

Product

Anydesk

CWE

CWE-428

Yayın Tarihi

2026-02-03 15:16:10

Güncelleme

2026-02-25 19:08:45

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-428 Anydesk HIGH Anydesk 2026

Referanslar

http://anydesk.com https://www.exploit-db.com/exploits/47883 https://www.vulncheck.com/advisories/anydesk-unquoted-service-path

Benzer Kayıtlar

High

CVE-2025-27916

An issue was discovered in AnyDesk for Windows before 9.0.6 and AnyDesk for Android before 8.0.0. When the connection be…

High

CVE-2025-27917

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.…

Critical

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.…

High

CVE-2025-27919

An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can…