Описание
AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a read-only setting for a Trojan horse gcapi.dll file.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.4.2 (включая) до 6.1.0 (исключая)
cpe:2.3:a:anydesk:anydesk:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 35%
0.00145
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-427
Связанные уязвимости
github
больше 3 лет назад
AnyDesk before 6.1.0 on Windows, when run in portable mode on a system where the attacker has write access to the application directory, allows this attacker to compromise a local user account via a read-only setting for a Trojan horse gcapi.dll file.
EPSS
Процентиль: 35%
0.00145
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-427