CVE-2026-30798

HIGH

RustDesk Client <=1.4.5 - Protocol Manipulation

Title source: llm
STIX 2.1

Description

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop. This issue affects RustDesk Client: through 1.4.5.

References (3)

Scores

CVSS v3 7.5
EPSS 0.0003
EPSS Percentile 8.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

CWE
CWE-755 CWE-345
Status published
Products (2)
rustdesk/rustdesk < 1.4.5
rustdesk-client/RustDesk Client < 1.4.5
Published Mar 05, 2026
Tracked Since Mar 05, 2026