Information Disclosure Vulnerability in AnyDesk
CVE-2024-12754

5.5 MEDIUM

Key Information:

Vendor

Anydesk

Status
Vendor
CVE Published:
30 December 2024

Badges

  • 🥇 Trended No. 1
  • 📈 Trended
  • 📈 Score: 8,360
  • 👾 Exploit Exists
  • 🟡 Public PoC
  • 📰 News Worthy

What is CVE-2024-12754?

CVE-2024-12754 is a vulnerability identified in AnyDesk, a remote desktop software used for remote access and online collaboration. This information disclosure vulnerability enables local attackers to access sensitive information within affected installations of AnyDesk. If exploited, it may result in unauthorized access to stored credentials, which could lead to further security breaches and data compromise within an organization.

Technical Details

The vulnerability stems from improper handling of background images in AnyDesk. An attacker who can already execute low-privileged code on the target machine can create a filesystem junction so that the AnyDesk service, while managing background images, reads arbitrary files on the attacker's behalf. Because the service handles these files with higher privileges than the attacker holds, this provides a pathway for unauthorized information retrieval.

Potential impact of CVE-2024-12754

  1. Unauthorized Information Disclosure: This vulnerability can facilitate the disclosure of sensitive information, including user credentials, putting the organization at risk of unauthorized access to critical systems.

  2. Increased Risk of Further Compromise: With disclosed credentials, attackers can potentially gain higher privileges or access additional sensitive data, exacerbating the impact on organizational security.

  3. Reputational Damage: In the event of a breach resulting from this vulnerability, organizations may experience significant reputational harm, leading to a loss of customer trust and potential financial implications.

Affected Version(s)

AnyDesk 8.0.9.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

PoC Exploit Released for AnyDesk Vulnerability Exploited to Gain Admin Access Via Wallpapers

According to cybersecurity researcher Naor Hodorov, the flaw lies in how AnyDesk processes desktop background images during session initialization.

Hackers Exploit AnyDesk Vulnerability to Gain Admin Access – PoC Released

A newly discovered vulnerability in AnyDesk, the popular remote desktop software, has sparked serious cybersecurity concerns.

Weaponizing Windows Background Images to Gain Admin Access Using AnyDesk Vulnerability

A recently disclosed vulnerability in AnyDesk, a widely used remote desktop software, has raised significant cybersecurity concerns.

CVSS V3.0

Score: 5.5
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • 🥇 Vulnerability reached the number 1 worldwide trending spot

  • 📈 Vulnerability started trending

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • 📰 First article discovered by CybersecurityNews

  • Vulnerability published
