CVE-2020-35483

Name of the Vulnerable Software and Affected Versions: AnyDesk versions prior to 6.1.0

Description: The issue allows an attacker to compromise a local user account when AnyDesk is run in portable mode on a Windows system where the attacker has write access to the application directory. This is achieved via a read-only setting for a Trojan horse gcapi.dll file.

Recommendations: For versions prior to 6.1.0, update to version 6.1.0 or later to resolve the issue. As a temporary workaround, consider restricting write access to the application directory to minimize the risk of exploitation.