Home RustDesk CVE-2026-30795
Back to RustDesk

CVE-2026-30795

RustDesk Client

RustDesk CVSS 7.5 Updated March 31, 2026

Executive Risk Summary

"A Cleartext Transmission of Sensitive Information vulnerability in RustDesk Client allows sniffing attacks, potentially exposing sensitive information. This vulnerability affects RustDesk Client versions through 1.4.5."

Anticipated Attack Path

  1. 1. An attacker intercepts RustDesk Client communication
  2. 2. The attacker extracts sensitive information from the cleartext transmission
  3. 3. The attacker uses the extracted information for malicious purposes

Am I Vulnerable?

  • Is your RustDesk Client version 1.4.5 or earlier?
  • Do you use the Heartbeat sync loop modules?
  • Is your network traffic not encrypted?

Operational Audit Arsenal

Target Type Program Files
Target Asset src/hbbs_http/sync.Rs
Standard Path RustDesk Client installation directory

Manual Verification Required

This is a non-Windows asset (RustDesk). Use the target asset details and official path provided above to verify your current version against the official vendor advisories listed below.

Patch Impact Forecast

Reboot Required Unlikely

Minimal

Internal Work Notes

RustDesk Client vulnerability CVE-2026-30795 - potential sensitive information exposure due to cleartext transmission

Technical Intelligence & Operational Utilities • Delivered Weekly

Intelligence Sources

Official Advisoryhttps://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub
Official Advisoryhttps://github.com/rustdesk/rustdesk
Official Advisoryhttps://www.vulsec.org/

Related RustDesk Threats

CVE-2024-25140 CVSS 9.8

RustDesk 1.2.3
CVE-2026-30793 CVSS 9.8

RustDesk Client
CVE-2026-30783 CVSS 9.8

RustDesk Client
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts provided for diagnostic purposes under MIT License.