Denial-of-Service Vulnerability in AnyDesk Affects Local Installations
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
A newly disclosed vulnerability, CVE-2026-15681, affects AnyDesk installations, allowing local attackers to create a denial-of-service condition. The flaw arises from improper handling of screen recording files, enabling attackers with low-privileged code execution to create arbitrary files via junctions. This vulnerability has been reported by the Zero Day Initiative (ZDI) and was published on July 13, 2026. The issue was escalated to the vendor's security team, but no resolution was provided, leading ZDI to publish the advisory. The only mitigation strategy suggested is to restrict interaction with the product. This vulnerability poses a significant risk to users of AnyDesk software.
Key Points: • CVE-2026-15681 allows local denial-of-service attacks on AnyDesk installations. • Attackers must have low-privileged code execution to exploit this vulnerability. • ZDI reported the issue to the vendor but received no effective response.