Vulnerability in Anydesk
CVE-2025-34499
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to i…
EPSS: 0.004 (28.1th percentile) — read the EPSS interpretation.
Affected products
- Anydesk — versions 7.0.15, 9.0.1
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)