CVE-2026-3598

Summary

Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Config string generation, web console export modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routines Config export/generation routines.

This issue affects RustDesk Server Pro: through 1.7.5.

Affected Software

VendorProductVersion RangeStatus
rustdesk-server-proRustDesk Server Pro0 <= 1.7.5affected

Weaknesses

  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm
  • CWE-684: CWE-684

Workarounds

Treat config strings as public; restrict distribution to trusted channels only

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References