Primary

Context

RustDesk Client for Windows Transfer File Link Information Disclosure Vulnerability

Vulnerability

An information disclosure vulnerability has been identified in the RustDesk Client for Windows, specifically within the Transfer File feature. This vulnerability allows local attackers to read arbitrary files by uploading a symbolic link, potentially disclosing sensitive information in the context of the SYSTEM user. To exploit this vulnerability, an attacker must first have the ability to execute low-privileged code on the target system.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files on the affected system.

Remediation

RustDesk has released an update to address this vulnerability. Details about the update can be found in the RustDesk GitHub repository.

Added: Feb 20, 2026, 11:18 PM

Updated: Feb 20, 2026, 11:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

3.5

remediation

0.0

relevance

3.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.8

exploitability

3.5

remediation

0.0

relevance

3.2

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

RustDesk Client for Windows Transfer File Link Information Disclosure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating