CVE-2026-3787
HIGHCVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2Description
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
UltraVNC 1.6.4.0 on Windows contains an uncontrolled search path vulnerability in cryptbase.dll that allows local authenticated attackers with low privileges to achieve arbitrary code execution through DLL hijacking. Successful exploitation requires local access and considerable technical complexity, though the vendor has not provided a patch despite early disclosure notification. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems running UltraVNC 1.6.4.0 and assess business criticality; disable UltraVNC on non-essential systems immediately. Within 7 days: Implement network segmentation to restrict UltraVNC traffic to authorized administrative networks only; enable Enhanced Session Mode and enforce strong authentication if UltraVNC remains enabled. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today