CVE-2026-45787
Published: 28 May 2026
Summary
CVE-2026-45787 is a medium-severity Inadequate Encryption Strength (CWE-326) vulnerability in Electerm Project Electerm. Its CVSS base score is 6.0 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unsecured Credentials (T1552); ranked at the 1.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-32959
Vulnerability details
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common passwords across installs and…
more
perform undetected ciphertext bit-flips to alter config/bookmarks. This vulnerability is fixed in 3.9.5.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Weak crypto enables credential recovery from synced data (T1552) and undetected tampering (T1565).
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Information from security contacts highlights password hashing methods with insufficient computational effort, preventing their adoption.
Irrefutable evidence of actions requires integrity protection to prevent tampering or alteration of records.
Implements required signature-based integrity verification, addressing missing support for integrity checks on components.
Maintaining currency with technologies and practices reduces selection of encryption mechanisms that provide inadequate strength.
Updated assessments identify when previously adequate encryption strength no longer meets current attack capabilities or compliance drivers.
Requiring control over the integrity of all changes directly compels developers to implement integrity verification mechanisms rather than omitting them.
Tamper detection fundamentally depends on integrity-checking capabilities that this control mandates or strengthens.
Explicitly requires support for integrity and authenticity checks on components before acceptance into the system.