PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-57850 RustDesk CVE debrief

CVE-2026-57850 is a high-severity vulnerability in RustDesk, a remote desktop application. The issue arises from the lack of server-side enforcement of session scope, allowing an authenticated remote peer to send control messages and login options reserved for a full Remote session, even if granted a limited session type. This vulnerability could allow an attacker to observe and control the host beyond the permissions granted. The CVE record was published on 2026-07-10T20:16:48.663Z and has not been modified since then. The NVD entry is currently 8.7 HIGH. Multiple references are provided, including links to the RustDesk GitHub repository, commit fixing the issue, and release notes for version 1.4.9. However, the record lacks detailed information on the scope of exploitation and potential impact on various platforms. Further verification is needed to assess the vulnerability's operational impact and affected systems.

Vendor
RustDesk
Product
Unknown
CVSS
HIGH 8.7
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-10
Original CVE updated
2026-07-10
Advisory published
2026-07-10
Advisory updated
2026-07-10

Who should care

Administrators and users of RustDesk versions prior to 1.4.9 should be aware of this vulnerability and take immediate action to update their installations. This vulnerability could allow an attacker to observe and control the host beyond the permissions granted.

Technical summary

The vulnerability exists because RustDesk does not properly validate the scope of a session on the server side. When a peer is granted a limited session type (FileTransfer, PortForward, ViewCamera, or Terminal), it should only be able to perform actions within that scope. However, due to the lack of scope enforcement, an authenticated remote peer can inject out-of-scope control messages. This could enable an attacker to access features and data not intended for their session type, potentially leading to unauthorized control and data exposure.

Defensive priority

High

Recommended defensive actions

  • Update RustDesk to version 1.4.9 or later
  • Restrict access to RustDesk for sensitive operations
  • Monitor RustDesk logs for suspicious activity
  • Implement additional access controls and authentication mechanisms
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented

Evidence notes

The CVE record was published on 2026-07-10T20:16:48.663Z and has not been modified since then. The NVD entry is currently 8.7 HIGH. Multiple references are provided, including links to the RustDesk GitHub repository, commit fixing the issue, and release notes for version 1.4.9. However, the record lacks detailed information on the scope of exploitation and potential impact on various platforms. Further verification is needed to assess the vulnerability's operational impact and affected systems.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-10T20:16:48.663Z and has not been modified since then. The NVD entry is currently 8.7 HIGH.