CVE-2019-25261

HIGH

AnyDesk 5.4.0 - Unquoted Service Path Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-25261. PoCs published by SajjadBnd.

AI-analyzed exploit summary: This entry describes an unquoted service path vulnerability in AnyDesk 5.4.0, where the service path contains spaces and is not enclosed in quotes, potentially allowing local privilege escalation via path manipulation.

Description

AnyDesk 5.4.0 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially inject malicious executables. Attackers can exploit the unquoted binary path to place malicious files in service executable locations, potentially gaining elevated system privileges.

Exploits (1)

exploitdb WRITEUP
by SajjadBnd · text · local · windows
https://www.exploit-db.com/exploits/47883

Classification: Writeup 90%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: AnyDesk 5.4.0
Auth required
Prerequisites: Local access to the system · Ability to write to the root of C:\
devstral-2 · analyzed Feb 16, 2026

References (3)

Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/47883
Various Sources product
http://anydesk.com
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/anydesk-unquoted-service-path

Scores

CVSS v3 7.8
EPSS 0.0016
EPSS Percentile 5.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-428
Status published
Products (1)
anydesk/anydesk 5.4.0
Published Feb 03, 2026
Tracked Since Feb 18, 2026