CVE-2016-20094

CVE-2016-20094CVE-2016-20094

Description

AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during application startup or system reboot.

Scoring

CVSS 7.8 ()
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Last modified2026-06-19
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.