CVE-2024-29073

5.3 MEDIUM

📋 TL;DR

This vulnerability in Anki 24.04 allows arbitrary file read through specially crafted LaTeX flashcards that bypass sanitization by using the verbatim package. Attackers can exploit this by sharing malicious flashcards with victims. Users of Anki 24.04 who open shared flashcards are affected.

💻 Affected Systems

Products:
  • Ankitects Anki
Versions: 24.04
Operating Systems: Windows, Linux, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires LaTeX with verbatim package installed (common in default LaTeX distributions).

⚠️ Risk & Real-World Impact

🔴 Worst Case: An attacker reads sensitive system files (passwords, SSH keys, configuration files) from the victim's computer through a shared flashcard.

🟠 Likely Case: Local file disclosure of user data or configuration files from the Anki user's system when opening malicious shared flashcards.

🟢 If Mitigated: No impact if users don't open untrusted shared flashcards or have patched versions.

🌐 Internet-Facing: MEDIUM - Requires user interaction (opening shared flashcards) but can be distributed widely.
🏢 Internal Only: LOW - Primarily affects individual users rather than enterprise systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit requires creating and sharing malicious flashcards; no authentication needed to trigger vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 24.05 or later

Vendor Advisory: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1992

Restart Required: Yes

Instructions:

1. Open Anki.
2. Go to Help > Check for Updates.
3. Install the update to version 24.05 or later.
4. Restart Anki.

🔧 Temporary Workarounds

Disable LaTeX rendering (platform: all)

  Temporarily disable LaTeX processing in Anki to prevent exploitation.
  Command: Not applicable - use Anki preferences

Remove verbatim package (platform: linux)

  Uninstall the LaTeX verbatim package from your system.
  sudo apt remove texlive-latex-extra (Debian/Ubuntu)
  sudo yum remove texlive-verbatim (RHEL/CentOS)
  brew uninstall mactex (macOS)

🧯 If You Can't Patch

  • Do not open shared flashcards from untrusted sources
  • Use Anki in sandboxed/isolated environment

🔍 How to Verify

Check if Vulnerable:

Check Anki version in Help > About. If version is 24.04, you are vulnerable.

Check Version:

anki --version (Linux/macOS) or check Help > About (Windows)

Verify Fix Applied:

Verify Anki version is 24.05 or later in Help > About.

📡 Detection & Monitoring

Log Indicators:

  • Unusual LaTeX processing errors
  • File read attempts from unexpected locations

Network Indicators:

  • Download of suspicious shared flashcard decks

SIEM Query:

Not applicable for desktop application
