CVE-2025-27917
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-06
Last updated on: 2025-12-08
Assigner: MITRE
Description
Description
An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. Remote Denial of Service can occur because of incorrect deserialization that results in failed memory allocation and a NULL pointer dereference.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| anydesk | anydesk | to 9.0.4 (inc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in AnyDesk through version 9.0.4 is caused by incorrect deserialization, which leads to failed memory allocation and a NULL pointer dereference, resulting in a remote denial of service.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to remotely cause a denial of service, potentially making the AnyDesk service unavailable or unstable.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70