- AnyDesk was founded in Germany in 2014, and its unique remote desktop access software has been downloaded by more than 300 million users worldwide, adding another 5 million every month.
- Download the small AnyDesk file of 3 MB and finish urgent tasks on the go with AnyDesk’s user-friendly interface. AnyDesk is not only compatible with Windows 10, but many other operating systems and their various versions, including iOS, macOS, Linux and Android.
Problem type
Incorrect Access Control / XPC LPE
Anydesk 2020 Full
For AnyDesk, one of the fastest-growing technology companies in Germany and one of the leading providers of remote desktop solutions, 2020 was the most successful year in its history. AnyDesk 6.1.2 (60102) Update on: 2020-10-06. App uploaded by: ธันยา คร้าบ.
Description
AnyDesk 6.0.2 for macOS contains a privileged XPC service that does not properly validate client requests. An attacker can exploit this service and use the installation routines provided by it to change the permissions of an arbitrary file or directory in the filesystem.
Impact
An attacker that can execute code with user permissions can use this vulnerability to change permissions of protected system directories. This can be used to escalate to root privileges through launchd.
Affected products
The vulnerability affects AnyDesk for macOS versions 6.0.2 and older.
Resolution
Anydesk Review 2020
The vulnerability has been fixed in AnyDesk for macOS version 6.0.3.