PT-2026-5798 · Anydesk · Anydesk
Sajjadbnd
·
Published
2026-02-03
·
Updated
2026-02-25
·
CVE-2019-25261
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
AnyDesk version 5.4.0
Description
AnyDesk 5.4.0 has an issue with an unquoted service path in its Windows service configuration. This could allow local attackers to inject malicious executables. Exploiting the unquoted binary path enables attackers to place malicious files in service executable locations, potentially leading to elevated system privileges.
Recommendations
Update to a newer version of AnyDesk that addresses the unquoted service path issue.
Exploit
Fix
LPE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Anydesk