PatchSiren

CVE-2026-30798 rustdesk-client CVE debrief

CVE-2026-30798 is a HIGH-severity vulnerability (CVSS score 8.2) affecting RustDesk Client versions through 1.4.8 on Windows, macOS, Linux, iOS and Android. The issue stems from Insufficient Verification of Data Authenticity and Improper Handling of Exceptional Conditions in the heartbeat sync loop and strategy processing modules. The vulnerability is associated with the program file src/hbbs_http/sync.rs and the stop-service handler in the heartbeat loop, and allows Protocol Manipulation. Defenders should prioritize patching because of the high severity and potential for exploitation.

Vendor: rustdesk-client
Product: Unknown
CVSS: HIGH 8.2
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-05
Original CVE updated: 2026-06-22
Advisory published: 2026-03-05
Advisory updated: 2026-06-22

Who should care

Organizations and individuals using RustDesk Client versions through 1.4.8 on Windows, macOS, Linux, iOS or Android should prioritize patching this vulnerability. Given the high CVSS score of 8.2, defenders must assess their exposure and take immediate action to limit the risks associated with protocol manipulation.

Technical summary

CVE-2026-30798 is caused by Insufficient Verification of Data Authenticity and Improper Handling of Exceptional Conditions in RustDesk Client. The affected components are the heartbeat sync loop and strategy processing modules, which are associated with the program file src/hbbs_http/sync.rs and the stop-service handler. The issue allows Protocol Manipulation and affects RustDesk Client versions through 1.4.8 on Windows, macOS, Linux, iOS and Android.

Defensive priority

High priority due to CVSS score of 8.2 and potential for protocol manipulation.

Recommended defensive actions

  • Inventory and assess exposure of RustDesk Client versions through 1.4.8
  • Review official advisories and documentation for mitigation strategies
  • Apply patches or updates provided by the vendor to RustDesk Client
  • Implement compensating controls to monitor and limit potential protocol manipulation attempts
  • Track exceptions and anomalies in heartbeat sync loop and strategy processing modules
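
An added example for the inventory step above (not code from the advisory or from the RustDesk project): it classifies reported client versions against the "through 1.4.8" range stated on this page, comparing numerically so that 1.4.10 is not mistaken for an affected build and sending unparseable versions to manual review. The CSV layout, hostnames, version strings and the tolerated suffix formats are constructed assumptions.

```python
import re

# Upper bound of the affected range as stated on this page ("through 1.4.8").
AFFECTED_THROUGH = (1, 4, 8)

# Numeric core of a version string, tolerating a "v" prefix and packaging
# suffixes such as "-2" or "+build" (assumed formats, not vendor-defined).
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)(?:[-+._~].*)?\s*$", re.IGNORECASE)

def parse_version(raw):
    """Return (major, minor, patch), or None when the string is not recognisable."""
    m = _VERSION_RE.match(raw or "")
    return tuple(int(p) for p in m.groups()) if m else None

def classify(raw):
    """Map a reported version to 'affected', 'outside-stated-range' or 'review'."""
    version = parse_version(raw)
    if version is None:
        return "review"  # unknown build: do not assume it is unaffected
    # Tuple comparison is numeric, so (1, 4, 10) sorts above (1, 4, 8).
    return "affected" if version <= AFFECTED_THROUGH else "outside-stated-range"

def triage(inventory_csv):
    """Group hosts from 'host,platform,version' lines by classification."""
    result = {"affected": [], "outside-stated-range": [], "review": []}
    for line in inventory_csv.strip().splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(",")]
        version = fields[2] if len(fields) > 2 else ""
        result[classify(version)].append(fields[0])
    return result

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """
# host,platform,version
ws-001,windows,1.4.8
ws-002,windows,1.3.9
mac-010,macos,v1.4.8-2
lin-020,linux,1.4.10
and-030,android,nightly
ios-040,ios,
"""

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

"outside-stated-range" only means the version is above the range this page gives; confirm the fixed release against the vendor advisory before closing a host out.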

Evidence notes

The primary evidence for this vulnerability comes from the CVE record and NVD detail pages. The vulnerability affects RustDesk Client versions through 1.4.8. Defenders should verify the version of RustDesk Client in use and check for any patches or updates provided by the vendor. The CVE and NVD entries provide crucial information on the affected products and potential impacts.

This article is AI-assisted and based on the supplied source corpus.