Denial-of-Service Vulnerability in AnyDesk by AnyDesk Software
CVE-2026-15682

4.7MEDIUM

Key Information:

Vendor

Anydesk

Status
Vendor
CVE Published:
13 July 2026

What is CVE-2026-15682?

This vulnerability in AnyDesk allows local attackers to induce a denial-of-service condition by exploiting the Send Support Information feature. By creating a junction, attackers can manipulate the service to generate arbitrary files, compromising the system's operational integrity. Attackers must first gain the ability to execute low-privileged code on the target machine to exploit this flaw effectively.

Affected Version(s)

AnyDesk 9.0.4

References

CVSS V3.0

Score:
4.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.