{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-30785","assignerOrgId":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe","state":"PUBLISHED","assignerShortName":"VULSec","dateReserved":"2026-03-05T14:13:35.407Z","datePublished":"2026-03-05T16:04:36.443Z","dateUpdated":"2026-03-06T10:32:38.348Z"},"containers":{"cna":{"affected":[{"collectionURL":"https://github.com/rustdesk/rustdesk/releases","defaultStatus":"affected","modules":["Password security module","config encryption","machine UID"],"packageName":"rustdesk, hbb_common","platforms":["Windows","MacOS","Linux"],"product":"RustDesk Client","programFiles":["hbb_common/src/password_security.rs","hbb_common/src/config.rs","hbb_common/src/lib.rs (get_uuid)","machine-uid/src/lib.rs"],"programRoutines":[{"name":"symmetric_crypt()"},{"name":"encrypt_str_or_original()"},{"name":"decrypt_str_or_original()"},{"name":"get_uuid()"},{"name":"get_machine_id()"}],"repo":"https://github.com/rustdesk/hbb_common,https://github.com/rustdesk-org/machine-uid","vendor":"rustdesk-client","versions":[{"lessThanOrEqual":"1.4.5","status":"affected","version":"0","versionType":"custom"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Default — any desktop installation with permanent password or saved peers"}],"value":"Default — any desktop installation with permanent password or saved peers"}],"credits":[{"lang":"en","type":"finder","value":"Erez Kalman"},{"lang":"en","type":"reporter","value":"Erez Kalman"}],"datePublic":"2026-03-05T13:45:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data.<p> This vulnerability is associated with program files <tt>hbb_common/src/password_security.Rs</tt>, <tt>hbb_common/src/config.Rs</tt>, <tt>hbb_common/src/lib.Rs (get_uuid)</tt>, <tt>machine-uid/src/lib.Rs</tt> and program routines <tt>symmetric_crypt()</tt>, <tt>encrypt_str_or_original()</tt>, <tt>decrypt_str_or_original()</tt>, <tt>get_uuid()</tt>, <tt>get_machine_id()</tt>.</p><p>This issue affects RustDesk Client: through 1.4.5.</p>"}],"value":"Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id().\n\nThis issue affects RustDesk Client: through 1.4.5."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"PoC available. Trivially exploitable.<br>"}],"value":"PoC available. Trivially exploitable."}],"impacts":[{"capecId":"CAPEC-37","descriptions":[{"lang":"en","value":"CAPEC-37 Retrieve Embedded Sensitive Data"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"LOCAL","baseScore":8.2,"baseSeverity":"HIGH","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-257","description":"CWE-257","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-1321","description":"CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-323","description":"CWE-323","lang":"en","type":"CWE"}]},{"descriptions":[{"cweId":"CWE-916","description":"CWE-916 Use of Password Hash With Insufficient Computational Effort","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe","shortName":"VULSec","dateUpdated":"2026-03-05T17:05:28.602Z"},"references":[{"tags":["technical-description","x_--config documentation"],"url":"https://github.com/rustdesk/rustdesk/discussions/9229"},{"tags":["technical-description","x_--config documentation"],"url":"https://github.com/rustdesk/rustdesk/discussions/4979"},{"tags":["third-party-advisory","exploit"],"url":"https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub"},{"tags":["vdb-entry","third-party-advisory"],"url":"https://www.vulsec.org/"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Use one-way hashing (Argon2id) for passwords. Use OS-native credential stores (DPAPI, Keychain, libsecret) for recoverable secrets. Apply proper KDF. Use random nonces."}],"value":"Use one-way hashing (Argon2id) for passwords. Use OS-native credential stores (DPAPI, Keychain, libsecret) for recoverable secrets. Apply proper KDF. Use random nonces."}],"source":{"discovery":"UNKNOWN"},"title":"RustDesk Encrypts Local Passwords with World-Readable Machine ID and Fixed Zero Nonce (XSalsa20-Poly1305)","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Set restrictive file permissions on TOML config files. Avoid saving peer passwords."}],"value":"Set restrictive file permissions on TOML config files. Avoid saving peer passwords."}],"x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-06T10:32:18.593322Z","id":"CVE-2026-30785","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-06T10:32:38.348Z"}}]}}