CVE-2025-34499 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM…
Medium CVSS: 6.9

CVE-2025-34499

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-level system permissions.
Vendor
-
Product
-
CWE
CWE-428
Yayın Tarihi
2025-12-11 22:15:53
Güncelleme
2025-12-12 15:17:31
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-428 MEDIUM 2025

Referanslar

http://anydesk.com http://anydesk.com/download https://www.exploit-db.com/exploits/51968 https://www.exploit-db.com/exploits/52258 https://www.vulncheck.com/advisories/anydesk-unquoted-service-path-privilege-escalation-vulnerability