CVE-2020-13160

CRITICAL

AnyDesk < 5.5.3 - Remote Code Execution via Format String Vulnerability


Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-13160. PoCs were published by scryh and Spencer McIntyre, including the Metasploit module exploits/linux/misc/cve_2020_13160_anydesk.

AI-analyzed exploit summary: This exploit targets a remote code execution vulnerability in AnyDesk 5.5.2 by sending a maliciously crafted UDP discovery packet containing shellcode. The payload leverages a format string vulnerability to achieve arbitrary code execution.

Description

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution.

Exploits (2)

exploitdb WORKING POC VERIFIED
by scryh · python · remote · linux
https://www.exploit-db.com/exploits/49613

This exploit targets a remote code execution vulnerability in AnyDesk 5.5.2 by sending a maliciously crafted UDP discovery packet containing shellcode. The payload leverages a format string vulnerability to achieve arbitrary code execution.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: AnyDesk 5.5.2
No auth needed
Prerequisites: Network access to the target's UDP port 50001 · Target running AnyDesk 5.5.2
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC NORMAL
by scryh, Spencer McIntyre · ruby · poc · linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/cve_2020_13160_anydesk.rb

This Metasploit module exploits a format string vulnerability in AnyDesk's GUI (CVE-2020-13160) by sending a crafted UDP discovery packet. It achieves remote code execution by corrupting memory via format string specifiers and requires the GUI frontend to be active.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Racy
Target: AnyDesk 5.5.2 on Ubuntu 20.04/18.04 x64
No auth needed
Prerequisites: AnyDesk GUI frontend must be running · Network access to UDP port 50001
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Release Notes, Vendor Advisory x_refsource_misc
https://download.anydesk.com/changelog.txt
Exploit, Third Party Advisory x_refsource_misc
https://devel0pment.de/?p=1881
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/158291/AnyDesk-GUI-Format-String-Write.html
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/161628/AnyDesk-5.5.2-Remote-Code-Execution.html

Scores

CVSS v3 9.8
EPSS 0.8055
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-134
Status: published
Products (1)
anydesk/anydesk < 5.5.3
Published Jun 09, 2020
Tracked Since Feb 18, 2026