Impact
The flaw resides in the RustDesk client’s login proof construction. The client sends a secret proof calculated as SHA‑256(SHA‑256(password + salt) + challenge) where both the salt and the challenge are generated by the server and no client‑side nonce is involved. Because this computation uses a fast double SHA‑256 instead of a slow key‑derivation function, an attacker who captures a proof can perform an offline password‑brute‑force attack to recover the password. The vulnerability involves weaknesses identified by CWE‑294 and CWE‑916, as the client’s login limiter and the existing LOGIN_FAILURES counter only constrain online attempts and do not mitigate the offline attack. Even though the challenge is regenerated for each connection, which removes replayability, the lack of a client‑side nonce allows reuse of the captured proof for offline attacks.
Affected Systems
RustDesk Client versions through 1.4.8 on all supported platforms—Windows, macOS, Linux, iOS, Android, and the web client—are affected. The vulnerability impacts the client login and peer authentication modules, allowing anyone who can observe or capture an authentication proof to attempt offline cracking of the password.
Risk and Exploitability
The CVSS score of 5.7 indicates a moderate‑severity flaw. The EPSS score of < 1% suggests low expected exploitation frequency, yet the potential impact remains significant because the attacker can peacefully recover credentials offline once they obtain a single proof. The vulnerability is not listed in CISA’s KEV catalog. Exploitation requires the attacker to position a rogue or on‑path API/relay server that can supply chosen salts and challenges and capture the resulting proof; an offline brute‑force attack then can be executed against the recovered proof. The existing online login failure counter and OTP brute‑force limiter do not deter this offline scenario. The recommended vendor fix—adding a client‑side nonce and adopting SRP—directly addresses the root cause, while the workaround of enforcing 16‑character‑or‑longer passwords and enabling two‑factor authentication raises the effort required for a successful brute‑force attempt until a patch is deployed.
OpenCVE Enrichment