CVE Catalog

CVE-2026-30783

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.38%

29th percentile - higher than 29% of all known CVEs

Summary

A vulnerability in the RustDesk Client allows privilege abuse across multiple platforms, including Windows, MacOS, Linux, iOS, Android, and WebClient. This affects modules related to configuration management and the API sync loop.

Risk Assessment

Privilege abuse may lead to unauthorized access to systems and data, posing a significant security threat to the organization.

Recommendation

It is recommended to update the RustDesk Client to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling. This issue affects RustDesk Client: through 1.4.8.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS