PatchSiren


CVE-2026-30792 rustdesk-client CVE debrief

CVE-2026-30792 is a high-severity vulnerability (CVSS score 8.3) affecting RustDesk Client versions through 1.4.8 on Windows, macOS, Linux, iOS, Android, and WebClient. It allows Application API Message Manipulation via Man-in-the-Middle attacks, primarily due to weaknesses in the Strategy sync, HTTP API client, and config options engine modules. The issue is associated with specific program files and routines, notably src/hbbs_http/sync.rs and hbb_common/src/config.rs. Defenders need to assess exposure based on their use of affected RustDesk Client versions and consider immediate mitigation steps.

Vendor: rustdesk-client
Product: Unknown
CVSS: HIGH 8.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-05
Original CVE updated: 2026-06-22
Advisory published: 2026-03-05
Advisory updated: 2026-06-22

Who should care

Organizations and individuals using RustDesk Client versions through 1.4.8 on Windows, macOS, Linux, iOS, Android, and WebClient should be aware of this vulnerability. Given the high severity and potential for Man-in-the-Middle attacks, users of RustDesk Client in enterprise environments, remote work setups, and personal use cases where security is paramount need to prioritize assessment and mitigation.

Technical summary

The CVE-2026-30792 vulnerability in RustDesk Client is caused by improper handling of API messages, allowing for manipulation via Man-in-the-Middle attacks. Affected components include Strategy sync, HTTP API client, and config options engine modules, specifically in the files src/hbbs_http/sync.rs and hbb_common/src/config.rs. The CVSS v4.0 score is 8.3, indicating high severity. The vulnerability is categorized under CWE-345 and CWE-657.

Defensive priority

High priority due to potential for Man-in-the-Middle attacks and high CVSS score.

Recommended defensive actions

  • Inventory and assess current RustDesk Client versions in use across the organization.
  • Review and apply vendor-supported remediation or patches for RustDesk Client.
  • Implement compensating controls such as encryption and secure authentication mechanisms.
  • Monitor for suspicious activity indicative of Man-in-the-Middle attacks.
  • Review and update configuration settings to limit exposure.
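
A sketch of the inventory step above, added here as an example and not taken from RustDesk or the CVE record: it sorts a host inventory against the "through 1.4.8" range stated on this page. The CSV column names and hosts are constructed, and versions are compared numerically so that 1.4.10 is not mistaken for a release older than 1.4.8.

```python
import csv
import io
import re

# Upper bound of the affected range as stated on this page ("through 1.4.8").
AFFECTED_THROUGH = (1, 4, 8)

# Constructed sample inventory (hypothetical hosts; column names are assumptions).
SAMPLE_INVENTORY = """host,platform,rustdesk_version
ws-001,Windows,1.4.8
ws-002,macOS,1.3.9
srv-010,Linux,1.4.10
mob-007,Android,v1.4.8-2
kiosk-3,Linux,nightly
lab-004,Windows,1.5
"""

def parse_version(text):
    """Return (major, minor, patch), or None if no numeric version is found."""
    m = re.match(r"\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        return None
    return tuple(int(p) if p is not None else 0 for p in m.groups())

def classify(version_text):
    """Map a reported version string to a triage status for CVE-2026-30792."""
    version = parse_version(version_text)
    if version is None:
        return "review"         # unparseable: someone has to check the host by hand
    if version <= AFFECTED_THROUGH:
        return "affected"       # inside the range this page states; build suffixes ignored
    return "outside-range"      # newer than 1.4.8; confirm against the vendor advisory

def triage(inventory_csv):
    """Return {status: [host, ...]} for every row of the inventory."""
    result = {"affected": [], "outside-range": [], "review": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        result[classify(row["rustdesk_version"])].append(row["host"])
    return result

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status:14} {', '.join(hosts) or '-'}")
```

Hosts in the "review" bucket report a version string the script cannot order, so they should be treated as unassessed rather than safe.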

Evidence notes

The primary evidence for this vulnerability comes from the NVD and CVE.org records. The vulnerability affects RustDesk Client versions through 1.4.8. Specific program files and routines impacted include src/hbbs_http/sync.rs and hbb_common/src/config.rs. Defenders should verify their current RustDesk Client version and review official advisories for mitigation steps.

Official resources

This article is AI-assisted and based on the supplied source corpus.