CVE-2021-44426 - OpenCVE

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local ~/Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an attacker is also connected remotely with AnyDesk to the same remote machine. The upload is done without any approval or action taken by the victim.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Anydesk	Anydesk

Configuration 1 [-]

OR	cpe:2.3:a:anydesk:anydesk::::::windows::*
	cpe:2.3:a:anydesk:anydesk::::::windows::*

References

Link	Resource
https://anydesk.com/en/downloads/windows	Product Vendor Advisory
https://argus-sec.com/discovering-tunneling-service-security-flaws-in-anydesk-remote-application/	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-12T20:47:33

Updated: 2022-09-12T20:47:33

Reserved: 2021-11-29T00:00:00

Link: CVE-2021-44426

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-12T21:15:09.127

Modified: 2022-09-16T15:09:37.113

Link: CVE-2021-44426

JSON object: View

Redhat Information

No data.

CWE

CWE-434

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local ~/Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an attacker is also connected remotely with AnyDesk to the same remote machine. The upload is done without any approval or action taken by the victim."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-12T20:47:33", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://anydesk.com/en/downloads/windows"}, {"tags": ["x_refsource_MISC"], "url": "https://argus-sec.com/discovering-tunneling-service-security-flaws-in-anydesk-remote-application/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-44426", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local ~/Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an attacker is also connected remotely with AnyDesk to the same remote machine. The upload is done without any approval or action taken by the victim."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://anydesk.com/en/downloads/windows", "refsource": "MISC", "url": "https://anydesk.com/en/downloads/windows"}, {"name": "https://argus-sec.com/discovering-tunneling-service-security-flaws-in-anydesk-remote-application/", "refsource": "MISC", "url": "https://argus-sec.com/discovering-tunneling-service-security-flaws-in-anydesk-remote-application/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-44426", "datePublished": "2022-09-12T20:47:33", "dateReserved": "2021-11-29T00:00:00", "dateUpdated": "2022-09-12T20:47:33", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:anydesk:anydesk:*:*:*:*:*:windows:*:*", "matchCriteriaId": "C5CA60F4-25B6-44E9-997F-AD1CF9C7B34C", "versionEndExcluding": "6.2.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:anydesk:anydesk:*:*:*:*:*:windows:*:*", "matchCriteriaId": "C55E8126-92A0-4739-BB65-5F72B771EA58", "versionEndExcluding": "6.3.3", "versionStartIncluding": "6.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.5. An upload of an arbitrary file to a victim's local ~/Downloads/ directory is possible if the victim is using the AnyDesk Windows client to connect to a remote machine, if an attacker is also connected remotely with AnyDesk to the same remote machine. The upload is done without any approval or action taken by the victim."}, {"lang": "es", "value": "Se ha detectado un problema en AnyDesk versiones anteriores a 6.2.6 y versiones 6.3.x anteriores a 6.3.5. Es posible subir un archivo arbitrario al directorio local ~/Downloads/ de la v\u00edctima si \u00e9sta usa el cliente Windows de AnyDesk para conectarse a una m\u00e1quina remota, si un atacante tambi\u00e9n es conectado remotamente con AnyDesk a la misma m\u00e1quina remota. La carga es realizada sin ninguna aprobaci\u00f3n o acci\u00f3n por parte de la v\u00edctima"}], "id": "CVE-2021-44426", "lastModified": "2022-09-16T15:09:37.113", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-12T21:15:09.127", "references": [{"source": "cve@mitre.org", "tags": ["Product", "Vendor Advisory"], "url": "https://anydesk.com/en/downloads/windows"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://argus-sec.com/discovering-tunneling-service-security-flaws-in-anydesk-remote-application/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}