CVE Catalog

CVE-2026-39031

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

The vulnerability in Lansweeper lsrunase 2.0 and lsencrypt 2.0 uses RC4 encryption with a hardcoded 142-byte static key. An 8-character prefix is stored in cleartext alongside the ciphertext, allowing a local attacker to recover any encrypted password to plaintext without brute force.

Risk Assessment

The organization is at risk of credential exposure, as any user with local access can decrypt stored passwords, potentially leading to unauthorized access to systems and data.

Recommendation

Immediately update Lansweeper lsrunase and lsencrypt to versions that do not use a static RC4 key, or implement alternative secure password storage methods.

Original NVD description (English source)

Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a single SHA-1 hash and RC4 decryption operation, with no brute force required.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS