
The open-source remote desktop software “AnyDesk” has been affected by a vulnerability that could allow attackers to uncover users’ IP addresses, posing significant privacy risks.
The vulnerability, tracked as CVE-2024-52940 with a CVSS score of 7.5, involves the “Allow Direct Connections” feature on Windows systems and affects AnyDesk versions 8.1.0 and below. When “Allow Direct Connections” is enabled and the connection port is set to 7070 on the attacker’s system, the attacker can retrieve the public IP address of a target using only the target’s AnyDesk ID.
The implications of this vulnerability are significant, especially in scenarios where remote access tools are not adequately protected. Leaked IP addresses can be used for further attacks, including targeted phishing campaigns, denial-of-service attacks, or even to pinpoint a user’s physical location.
Security researcher Shafiei has published proof-of-concept exploit code for this vulnerability on GitHub, highlighting the urgency of the situation. He emphasizes the need for an update or patch from AnyDesk’s development team to fully address the issue.
Currently, no official fix is available from AnyDesk. Users are advised to exercise caution when using the “Allow Direct Connections” feature and consider disabling it until a patch is released.


