CVE-2026-30783
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk29th percentile - higher than 29% of all known CVEs
Summary
A vulnerability in the RustDesk Client allows privilege abuse across multiple platforms, including Windows, MacOS, Linux, iOS, Android, and WebClient. This affects modules related to configuration management and the API sync loop.
Risk Assessment
Privilege abuse may lead to unauthorized access to systems and data, posing a significant security threat to the organization.
Recommendation
It is recommended to update the RustDesk Client to the latest version to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling. This issue affects RustDesk Client: through 1.4.8.

