In early late 2024, security researchers from a prominent threat intelligence firm discovered a critical zero-day vulnerability within versions 3.2 through 4.1.7 of the Newdesix client. The flaw, cataloged as CVE-2024-48921 (fictional identifier for context), centered on an authentication bypass in the peer-to-peer handshake protocol.
Specifically, the vulnerability allowed an unauthenticated attacker to: newdesix patched
The scariest part? Exploitation required no user interaction. Simply running the Newdesix background service on a machine exposed to the internet (or a compromised internal network) meant an attacker could gain full remote control silently. In early late 2024, security researchers from a
By early 2025, proof-of-concept exploits were publicly available on GitHub. Shortly after, researchers observed active exploitation in the wild, targeting MSPs managing hundreds of endpoints. The term "Newdesix unpatched" became a warning cry across Reddit’s r/sysadmin and various infosec Discord servers. The scariest part
Any password or API key in use prior to patching may have been exposed. Change them.
If you cannot access endpoints directly, scan for listening ports associated with Newdesix:
False. Antivirus solutions rarely block exploitation of a legitimate remote desktop tool. Patching is your only real defense.