A vulnerability, which was classified as critical, was found in AnyDesk 7.0.9. This affects an unknown functionality. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field07/19/2022 11:32 AM08/06/2022 02:10 PM08/06/2022 02:11 PM
nameAnyDeskAnyDeskAnyDesk
version7.0.97.0.97.0.9
cwe61 (symlink)61 (symlink)61 (symlink)
risk222
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aHHH
cvss3_vuldb_rcRRR
urlhttp://seclists.org/fulldisclosure/2022/Jul/9http://seclists.org/fulldisclosure/2022/Jul/9http://seclists.org/fulldisclosure/2022/Jul/9
cveCVE-2022-32450CVE-2022-32450CVE-2022-32450
cve_assigned1654380000 (06/05/2022)1654380000 (06/05/2022)1654380000 (06/05/2022)
cve_nvd_summaryAnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there.AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there.AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there.
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiCCC
cvss2_vuldb_rcURURUR
cvss2_vuldb_auSSS
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss2_vuldb_basescore9.09.09.0
cvss2_vuldb_tempscore8.68.68.6
cvss3_vuldb_basescore8.88.88.8
cvss3_vuldb_tempscore8.58.58.5
cvss3_meta_basescore8.88.88.0
cvss3_meta_tempscore8.58.57.8
price_0day$0-$5k$0-$5k$0-$5k
identifier167608167608
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iH
cvss3_nvd_aH
cvss3_nvd_basescore7.1

Do you want to use VulDB in your project?

Use the official API to access entries easily!