CVE-2026-44040 PUBLISHED

UltraVNC vncauth.c uses time-seeded libc rand() to generate VNC authentication challenge bytes

Assigner: securin
Reserved: 05.05.2026 Published: 01.07.2026 Updated: 01.07.2026

UltraVNC through 1.8.2.2 uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. In rfb/vncauth.c:119-129, the vncRandomBytes() function seeds libc rand() with time(0) + getpid() + rand() and generates a 16-byte challenge. The combined seed space is approximately 31 bits (libc rand() internal state) and is entirely determined by publicly-observable values (wall-clock time and process ID). An attacker who can observe the authentication exchange can enumerate the seed space and predict the challenge within seconds, enabling forgery or offline brute-forcing of responses. Note: on Windows, the active code path may use vncEncryptBytes2.cpp which calls CryptGenRandom; reachability on shipped Windows binaries requires compile-graph verification and is under investigation.

Metrics

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVSS Score: 4.8

Product Status

Vendor uvnc
Product UltraVNC
Versions Default: unaffected
  • affected from 0 to 1.8.2.2 (incl.)

Credits

  • Arjun Basnet, Securin (arjun.basnet@securin.io) finder

References

Problem Types

  • Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) CWE