ThreatCluster

Denial-of-Service Vulnerability in AnyDesk Affects Local Installations

First seen 15 Jul 2026, 01:41 UTC cwe.mitre.orgNvd.Nistwww.zerodayinitiative.comcve.org 83% similarity 55

Article Content

Browse articles
ThreatCluster

A newly disclosed vulnerability, CVE-2026-15681, affects AnyDesk installations, allowing local attackers to create a denial-of-service condition. The flaw arises from improper handling of screen recording files, enabling attackers with low-privileged code execution to create arbitrary files via junctions. This vulnerability has been reported by the Zero Day Initiative (ZDI) and was published on July 13, 2026. The issue was escalated to the vendor's security team, but no resolution was provided, leading ZDI to publish the advisory. The only mitigation strategy suggested is to restrict interaction with the product. This vulnerability poses a significant risk to users of AnyDesk software.

Key Points: • CVE-2026-15681 allows local denial-of-service attacks on AnyDesk installations. • Attackers must have low-privileged code execution to exploit this vulnerability. • ZDI reported the issue to the vendor but received no effective response.

ThreatCluster AI

Timeline

2025-03-25
ZDI submitted vulnerability report
ZDI reported the AnyDesk vulnerability to the vendor's SOC team.
Zero Day Initiative
2025-09-26
Vendor confirmed escalation to security team
The vendor's support team confirmed that the issue was escalated to their security team.
Zero Day Initiative
2025-12-11
Vendor stated issue out of scope
The vendor's support team communicated that the reported issue was out of their scope for resolution.
Zero Day Initiative
2026-06-26
ZDI notified vendor of publication intent
ZDI informed the vendor of their intention to publish the vulnerability as a 0-day advisory.
Zero Day Initiative
2026-07-13
CVE-2026-15681 published
CVE-2026-15681 was officially published, detailing the denial-of-service vulnerability in AnyDesk.
Nvd.Nist

Community

Browse all →