Browse all 3 CVE security advisories affecting AnyDesk. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AnyDesk provides remote desktop access for IT support and remote work, allowing users to connect to devices worldwide. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with three CVEs currently documented. The software employs encryption for secure connections but has experienced security incidents, including a 2022 report indicating potential unauthorized access through compromised update servers. While AnyDesk maintains security features like end-to-end encryption and session passwords, its widespread use makes it a target for exploitation, requiring regular updates and proper configuration to mitigate risks associated with its remote access capabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25261 | AnyDesk 5.4.0 - Unquoted Service Path — AnyDeskCWE-428 | 7.8 | High | 2026-02-03 |
| CVE-2025-34499 | AnyDesk 9.0.1 Unquoted Service Path Privilege Escalation Vulnerability — AnyDeskCWE-428 | 7.8AI | HighAI | 2025-12-11 |
| CVE-2024-12754 | AnyDesk Link Following Information Disclosure Vulnerability — AnyDeskCWE-59 | 5.5 | - | 2024-12-30 |
This page lists every published CVE security advisory associated with AnyDesk. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.