AnyDesk version 5.5.2 suffers from a remote code execution vulnerability.
4ed562c5421237da0626f1f62a26ff48
The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger the vulnerability. On successful exploitation, code is executed within the context of the user who started the AnyDesk GUI.
e9ef3a85832f0886a5ba8ac4e7bad664