CVE-2026-44040
MediumCVSS 4.8Exploitation Probability (EPSS)
Low risk12th percentile — higher than 12% of all known CVEs
Summary
UltraVNC through 1.8.2.2 uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. The vncRandomBytes() function seeds libc rand() with time(0) + getpid() + rand(), resulting in a seed space of approximately 31 bits determined by publicly observable values. An attacker can predict the challenge within seconds, enabling forgery or offline brute-forcing of responses.
Risk Assessment
The organization is at risk of session hijacking by an attacker who can observe the authentication exchange and predict the challenge, leading to unauthorized remote desktop access and potential data theft.
Recommendation
Immediately upgrade UltraVNC to a version newer than 1.8.2.2 that fixes the weak generator. If an update is unavailable, restrict VNC access to trusted networks and consider using VPN tunneling.
Original NVD description (English source)
UltraVNC through 1.8.2.2 uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. In rfb/vncauth.c:119-129, the vncRandomBytes() function seeds libc rand() with time(0) + getpid() + rand() and generates a 16-byte challenge. The combined seed space is approximately 31 bits (libc rand() internal state) and is entirely determined by publicly-observable values (wall-clock time and process ID). An attacker who can observe the authentication exchange can enumerate the seed space and predict the challenge within seconds, enabling forgery or offline brute-forcing of responses. Note: on Windows, the active code path may use vncEncryptBytes2.cpp which calls CryptGenRandom; reachability on shipped Windows binaries requires compile-graph verification and is under investigation.

