Description
AnyDesk version 9.7.5 suffers from an unquoted service path vulnerability...
Basic Information
ID
PACKETSTORM:223341
Published
Jun 12, 2026 at 00:00
Affected Product
Affected Versions
# Exploit Title: AnyDesk v9.7.5 - Unquoted Service Path
# Date: 2026-06-06
# Exploit Author: Milad Karimi
# Contact: [email protected]
# Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL
# Vendor Homepage: http://anydesk.com
# Software Link: http://anydesk.com/download
# Version: 9.7.5
# Tested on: Windows 10 Pro x64
1. Description:
The Anydesk installs as a service with an unquoted service path running
with SYSTEM privileges.
This could potentially allow an authorized but non-privileged local
user to execute arbitrary code with elevated privileges on the system.
2. Proof Of Concept
C:\>sc qc anydesk
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: anydesk
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : "C:\Program Files (x86)\AnyDesk\AnyDesk.exe"
--service
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : AnyDesk Service
DEPENDENCIES : RpcSs
SERVICE_START_NAME : LocalSystem
# Date: 2026-06-06
# Exploit Author: Milad Karimi
# Contact: [email protected]
# Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL
# Vendor Homepage: http://anydesk.com
# Software Link: http://anydesk.com/download
# Version: 9.7.5
# Tested on: Windows 10 Pro x64
1. Description:
The Anydesk installs as a service with an unquoted service path running
with SYSTEM privileges.
This could potentially allow an authorized but non-privileged local
user to execute arbitrary code with elevated privileges on the system.
2. Proof Of Concept
C:\>sc qc anydesk
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: anydesk
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : "C:\Program Files (x86)\AnyDesk\AnyDesk.exe"
--service
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : AnyDesk Service
DEPENDENCIES : RpcSs
SERVICE_START_NAME : LocalSystem