Security Advisory

CVE-2025-34499

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-11 21:43:29

Last updated 2026-03-05 12:04:27

Assigner VulnCheck

State PUBLISHED

Description

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-level system permissions.

← Browse all CVEs View on cve.org ↗