Skip to main content

RustDesk CVE-2026-58056

| EUVDEUVD-2026-39976 HIGH
Incorrect Authorization (CWE-863)
2026-06-28 VulnCheck GHSA-vp3r-hwqm-x826
7.2
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
7.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.6 HIGH

Network-reachable, low complexity, no UI; PR:L because a valid FileTransfer authorization is required; high integrity from input injection/control, lower confidentiality from screen capture and lower availability.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulnCheck).

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jun 28, 2026 - 02:32 vuln.today
CVSS changed
Jun 28, 2026 - 02:22 NVD
7.6 (HIGH) 7.2 (HIGH)

DescriptionCVE.org

RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a valid FileTransfer authorization can inject keyboard and mouse input and reach the unguarded screenshot and display-capture handlers, acting outside its granted scope.

AnalysisAI

Authorization scope bypass in RustDesk lets a peer holding only a FileTransfer authorization inject keyboard and mouse input and invoke the screenshot and display-capture handlers, escalating a limited file-transfer session into full interactive remote control and screen surveillance. The defect arises because RustDesk gates incoming control messages on per-capability flags that a file-transfer session never clears, rather than on the session's authorized connection type. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain valid FileTransfer authorization
Delivery
Establish file-transfer session
Exploit
Send keyboard/mouse and capture control messages
Execution
Capability flags never cleared, handlers execute
Persist
Inject input and capture screen
Impact
Interactive control beyond granted scope

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to first hold a valid FileTransfer authorization to the target RustDesk peer (PR:L) - an accepted file-transfer session must exist, so this is not a fully unauthenticated attack. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N, VC:L/VI:H/VA:L, base 7.2 High) describes a network-reachable, low-complexity attack requiring low privileges and no user interaction, with high integrity impact (input injection and control) and lower confidentiality and availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker obtains a legitimate FileTransfer-only authorization to a RustDesk peer - for example, by posing as a vendor performing a file-only support task. Rather than limiting themselves to file transfer, they send keyboard and mouse control messages and invoke the screenshot/display-capture handlers, gaining interactive control and live screen visibility of the victim host. …
Remediation No vendor-released patch version is identified in the provided data (No vendor-released patch identified at time of analysis), so the primary action is to track the VulnCheck advisory (https://www.vulncheck.com/advisories/rustdesk-filetransfer-session-authorization-scope-bypass) and the upstream RustDesk project for a fixed release and upgrade to the exact patched version as soon as it is published. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: audit active RustDesk deployments and identify sessions granted file-transfer authorization; categorize by system sensitivity. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-58056 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy