PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-15682 AnyDesk CVE debrief

CVE-2026-15682 is a denial-of-service vulnerability in AnyDesk's support information feature. Local attackers with low-privileged code execution can exploit it by creating a junction to create arbitrary files, leading to a denial-of-service condition. This vulnerability requires an attacker to first obtain the ability to execute low-privileged code on the target system. Users should be aware of the potential impact and ensure they are running a version that has addressed this issue.

Vendor
AnyDesk
Product
Unknown
CVSS
MEDIUM 4.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-13
Original CVE updated
2026-07-13
Advisory published
2026-07-13
Advisory updated
2026-07-13

Who should care

Users of AnyDesk should be aware of this vulnerability and ensure they are running a version that has addressed this issue. This vulnerability may impact organizations that use AnyDesk for remote support or other purposes. Operators, platform administrators, and security teams should review the affected scope and take necessary actions to mitigate the vulnerability.

Technical summary

The vulnerability exists within the Send Support Information feature of AnyDesk. An attacker can leverage this vulnerability to create a denial-of-service condition on the system by creating a junction and abusing the service to create arbitrary files. This requires the attacker to first obtain the ability to execute low-privileged code on the target system. The CVSS score for this vulnerability is 4.7, indicating a medium severity.

Defensive priority

Medium priority due to the CVSS score of 4.7 and the requirement for local, low-privileged code execution.

Recommended defensive actions

  • Inventory and verify the version of AnyDesk installed on all systems.
  • Apply the vendor's remediation for this vulnerability.
  • Implement compensating controls such as monitoring for suspicious activity related to the AnyDesk service.
  • Consider restricting access to the AnyDesk service to only those who require it.
  • Review relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-07-13T22:16:45.630Z and has not been modified since then. The NVD entry is currently in the 'Received' status. Limited details are available about the specific affected versions of AnyDesk or the exact steps to exploit this vulnerability. Defenders should verify the affected scope and take necessary actions to mitigate the vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-13T22:16:45.630Z and has not been modified since then. The NVD entry is currently in the 'Received' status.