CVE-2026-30798

Summary

Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation.

This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop.

This issue affects RustDesk Client: through 1.4.8.

Affected Software

VendorProductVersion RangeStatus
rustdesk-clientRustDesk Client0 <= 1.4.8affected

Weaknesses

  • CWE-345: CWE-345 Insufficient Verification of Data Authenticity
  • CWE-755: CWE-755 Improper Handling of Exceptional Conditions

Workarounds

None effective

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References