Hackers Exploit AnyDesk Vulnerability to Gain Admin Access – PoC Released

A vulnerability in AnyDesk, CVE-2024-12754, allows local attackers to escalate privileges to administrative levels by manipulating the process of copying desktop background images. The vulnerability, categorized as CWE-59 (Path Traversal), enables attackers to access sensitive system files and potentially steal credentials. AnyDesk has released version 9.0.1 with patches to address the issue.