CVE-2025-27916

High CVSS: 7.5

An issue was discovered in AnyDesk for Windows before 9.0.6 and AnyDesk for Android before 8.0.0. When the connection between two clients is established via an IP address, it is possible to manipulate the data and spoof the AnyDesk ID.

Vendor

Anydesk

Product

Anydesk

CWE

CWE-290

Yayın Tarihi

2025-11-06 18:15:40

Güncelleme

2025-12-08 17:16:13

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-290 Anydesk HIGH Anydesk 2025

Referanslar

https://anydesk.com/en/changelog/windows https://dspace.cvut.cz/bitstream/handle/10467/122721/F8-DP-2025-Krejsa-Vojtech-DP_Krejsa_Vojtech_2025.pdf

Benzer Kayıtlar

High

CVE-2019-25261

AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local att…

High

CVE-2025-27917

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.…

Critical

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.…

High

CVE-2025-27919

An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can…