Unrated severityNVD Advisory· Published Nov 6, 2025· Updated Nov 12, 2025
CVE-2025-27919
CVE-2025-27919
Description
An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my device" permission can manipulate remote AnyDesk settings and create a password for the Full Access profile without needing confirmation from the counterparty. Consequently, the attacker can later connect without this counterparty confirmation.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.