![]() The MITRE ATT&CK project declares the attack technique as T1068. There are neither technical details nor an exploit publicly available. This vulnerability is traded as CVE-2021-44425 since. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker unauthorized access to the local machine's AnyDesk tunneling protocol stack (and also to any remote destination machine software that is listening to the AnyDesk tunneled port). ![]() CVE summarizes:Īn issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. This is going to have an impact on confidentiality, integrity, and availability. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. The manipulation with an unknown input leads to a access control vulnerability. Affected is an unknown code block of the component Tunneling Feature. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability classified as critical has been found in AnyDesk up to 6.2.5/6.3.2. ![]() ![]() The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |