Vulnerabilities > Anydesk > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-03 | CVE-2023-26509 | Resource Exhaustion vulnerability in Anydesk 7.0.8 AnyDesk 7.0.8 allows remote Denial of Service. | 7.5 |
| 2022-09-12 | CVE-2021-44426 | Unrestricted Upload of File with Dangerous Type vulnerability in Anydesk An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. | 8.8 |
| 2022-07-18 | CVE-2022-32450 | Link Following vulnerability in Anydesk 7.0.9 AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there. | 7.1 |
| 2021-10-14 | CVE-2021-40854 | Improper Privilege Management vulnerability in Anydesk AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local user to obtain administrator privileges by using the Open Chat Log feature to launch a privileged Notepad process that can launch other applications. | 7.8 |
| 2021-01-11 | CVE-2020-35483 | Uncontrolled Search Path Element vulnerability in Anydesk 5.4.2/6.0.8 AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a read-only setting for a Trojan horse gcapi.dll file. | 7.8 |
| 2020-12-09 | CVE-2020-27614 | Improper Input Validation vulnerability in Anydesk AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation. | 7.8 |
| 2018-07-03 | CVE-2018-13102 | Untrusted Search Path vulnerability in Anydesk AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability. | 7.8 |