
CVE-2024-25140

RustDesk 1.2.3

RustDesk | CVSS 9.8 | Updated March 14, 2026

Executive Risk Summary

"A default installation of RustDesk 1.2.3 on Windows places a potentially unwanted WDKTestCert certificate under Trusted Root Certification Authorities, which could allow arbitrary software to be signed if the private key is compromised. This poses a risk to system security due to the lack of public documentation on security measures for the private key."

Operational Audit Arsenal

Target Type: Certificate
Target Asset: WDKTestCert
Standard Path: %windir%\System32\drivers\etc\certs
PowerShell
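# 🛠️ Senior Engineer Universal Audit
# Target: WDKTestCert (Certificate)
# The advisory concerns a certificate in the Trusted Root Certification Authorities
# store, so query the certificate provider instead of searching the file system by name.
$Targets = '*WDKTestCert*'
$SearchPaths = @('Cert:\LocalMachine\Root')

# List matching certificates with the fields needed to identify and track them
Get-ChildItem -Path $SearchPaths -ErrorAction SilentlyContinue |
Where-Object { $_.Subject -like $Targets } |
Select-Object Subject, Issuer, Thumbprint, NotBefore, NotAfter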

Patch Impact Forecast

Reboot Required: Unlikely

Certificate trust and code signing services may be affected.

Internal Work Notes

Investigate and potentially remove the WDKTestCert certificate from Trusted Root Certification Authorities to prevent potential code signing vulnerabilities.
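
One way to carry out the investigate-and-remove step above, as an added example that is not part of the original page or of RustDesk. The backup folder, the `-Remove` switch and the inclusion of the TrustedPublisher store are assumptions made here; only the certificate name and the Trusted Root store come from the advisory.

```powershell
# Added example: review WDKTestCert in the machine trust stores and optionally remove it.
# Save as a script and run from an elevated PowerShell session on the affected host.
param(
    [string]$Pattern   = '*WDKTestCert*',                 # subject match; name taken from the advisory
    [string]$BackupDir = "$env:TEMP\WDKTestCert-backup",  # assumed folder for exported copies
    [switch]$Remove                                       # without this switch, deletion is only simulated
)

# Root is the store named in the advisory. TrustedPublisher is an assumption:
# driver installers often place the same certificate there as well.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\LocalMachine\TrustedPublisher'

$found = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        Where-Object { $_.Subject -like $Pattern }
}

if (-not $found) {
    Write-Output "No certificate matching $Pattern in $($stores -join ', ')"
    return
}

New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

foreach ($cert in $found) {
    # Record what was found, including the store it was found in
    $storeName = ($cert.PSParentPath -split '\\')[-1]
    $cert | Select-Object @{ Name = 'Store'; Expression = { $storeName } },
        Subject, Issuer, Thumbprint, NotBefore, NotAfter, HasPrivateKey | Format-List

    # Export the public certificate so the change can be documented or reverted
    $file = Join-Path $BackupDir "$storeName-$($cert.Thumbprint).cer"
    Export-Certificate -Cert $cert -FilePath $file -Type CERT | Out-Null

    # Simulated by default; pass -Remove to actually delete the entry from the store
    Remove-Item -LiteralPath $cert.PSPath -WhatIf:(-not $Remove)
}
```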


Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.