The vulnerability in RustDesk Client, classified as Authentication Bypass by Capture‑Replay and Use of Password Hash With Insufficient Computational Effort, allows an adversary to reuse session identifiers (session replay). By capturing a valid authentication proof, an attacker can replay it to bypass authentication and gain authorized access to a RustDesk session. This reflects a critical failure in the credential proof mechanism, corresponding to weaknesses that allow replay or reuse of authentication data (CWE‑294) and the lack of protective measures for cryptographic material (CWE‑916). The impact is the ability to impersonate a legitimate client or peer and possibly execute actions within the remote session without any additional credentials.

RustDesk Client versions up to and including 1.4.5 on all supported platforms—Windows, macOS, Linux, iOS, Android, and the web client—are affected. All installations of these platforms using the client login or peer authentication modules are vulnerable.

The CVSS score of 9.3 classifies this flaw as critical, and the EPSS score of <1% indicates a low estimated probability of exploitation, though the actual risk remains high due to the severe impact of credential bypass. The vulnerability is not listed in CISA’s KEV catalog. exploitation typically requires the attacker to obtain a valid session identifier, likely through network eavesdropping or a man‑in‑the‑middle position. Once the session ID is captured, the attacker can replay the authentication proof unopposed, gaining authorized access. The vendor’s recommended fix—adding a client‑side nonce and adopting SRP—directly addresses the root cause, while the workaround of enforcing long passwords and enabling two‑factor authentication raises the barrier for successful attacks until a patch is deployed.