Information Disclosure Vulnerability in RustDesk Client for Windows
CVE-2026-2490
5.5MEDIUM
What is CVE-2026-2490?
The RustDesk Client for Windows contains an information disclosure vulnerability within its Transfer File feature. A local attacker with the capability to execute low-privileged code can exploit this flaw by uploading a symbolic link, enabling them to gain unauthorized access to sensitive files on the system. This vulnerability poses significant risks, as it allows attackers to expose sensitive information in the context of SYSTEM rights, potentially leading to further exploitation.
Affected Version(s)
Client for Windows 1.4.1
