CNNVD-202511-523 Information

CNNVD ID

CNNVD-202511-523

Related CVE

CVE-2025-27918

• CNNVD Published: 2025-11-06

Description (Chinese)

AnyDesk是德国AnyDesk公司的一款远程桌面连接软件。 AnyDesk 9.0.0之前版本存在输入验证错误漏洞，该漏洞源于处理Discovery功能中的Identity用户图像或建立两个客户端之间的连接时，UDP数据包存在整数溢出和堆缓冲区溢出。

Description (English)

AnyDesk is a remote desktop connection software for AnyDesk, Germany. The previous version of AnyDesk 9.0.0 had an input validation error loophole, which arose when processing Identity user images from the Discovery function or creating a connection between the two clients, the UDP package had an integer spill and a stacked buffer.

Hazard Level

Low

Vulnerability Type

输入验证错误

Affected Vendor

AnyDesk

Published

2025-11-06

Last Modified

2026-02-24

References

https://dspace.cvut.cz/bitstream/handle/10467/122721/F8-DP-2025-Krejsa-Vojtech-DP_Krejsa_Vojtech_2025.pdf https://anydesk.com/en/changelog/windows https://access.redhat.com/security/cve/cve-2025-27918