CVE-2026-45787
Analyzed Analyzed - Analysis Complete
Electerm Credential Exposure via Weak AES-192-CBC Encryption

Publication date: 2026-05-28

Last updated on: 2026-06-03

Assigner: GitHub, Inc.

Description
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common passwords across installs and perform undetected ciphertext bit-flips to alter config/bookmarks. This vulnerability is fixed in 3.9.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-06-03
Generated
2026-06-18
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-45787
EUVD
EUVD-2026-32959
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
electerm_project electerm to 3.9.5 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-326 The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
CWE-329 The product generates and uses a predictable initialization Vector (IV) with Cipher Block Chaining (CBC) Mode, which causes algorithms to be susceptible to dictionary attacks when they are encrypted under the same key.
CWE-759 The product uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the product does not also use a salt as part of the input.
CWE-353 The product uses a transmission protocol that does not include a mechanism for verifying the integrity of the data during transmission, such as a checksum.
CWE-916 The product generates a hash for a password, but it uses a scheme that does not provide a sufficient level of computational effort that would make password cracking attacks infeasible or expensive.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in Electerm versions prior to 3.9.5 involves the use of an insecure encryption method for syncing bookmark and profile data.

Specifically, it uses deterministic AES-192-CBC encryption with a fixed zero initialization vector (IV), a constant key derivation function (KDF) salt, and lacks a message authentication code (MAC).

These weaknesses lead to failures in both confidentiality and integrity of the data.

Attackers can exploit this to crack common passwords across different installations and perform undetected bit-flips in the ciphertext to alter configurations or bookmarks.

This vulnerability was fixed in Electerm version 3.9.5.

Impact Analysis

This vulnerability can impact you by compromising the confidentiality and integrity of your synced bookmark and profile data in Electerm.

Attackers with network access and low privileges can crack common passwords used across installations.

They can also perform undetected modifications to your configuration or bookmarks by altering the encrypted data without detection.

While the confidentiality impact is high, the integrity impact is low, and there is no impact on availability.

Detection Guidance

This vulnerability can be detected by identifying Electerm installations running versions prior to 3.9.5 that use the insecure encryption method for syncing bookmark and profile data.

Specifically, detection involves checking if Electerm is using deterministic AES-192-CBC encryption with a fixed zero initialization vector (IV), a constant key derivation function (KDF) salt, and no message authentication code (MAC).

Commands to detect vulnerable versions might include checking the Electerm version installed on your system, for example:

  • electerm --version
  • Checking the configuration or synced bookmark/profile data files for encryption format indicators (e.g., absence of "gcm:" prefix which indicates the newer AES-256-GCM format).

Network detection could involve monitoring for traffic patterns consistent with Electerm syncing data, but no specific network commands or signatures are provided in the available resources.

Mitigation Strategies

The immediate mitigation step is to upgrade Electerm to version 3.9.5 or later, where the vulnerability is fixed.

The fix involves changing the encryption algorithm from AES-192-CBC with fixed IV and salt to AES-256-GCM with a random initialization vector, random salt, and an authentication tag, which improves confidentiality and integrity.

Until the upgrade is applied, avoid using Electerm for syncing sensitive bookmark or profile data, and consider resetting passwords to stronger, less common ones to reduce the risk of password cracking.

Compliance Impact

The vulnerability in Electerm versions prior to 3.9.5 involves insecure encryption that leads to confidentiality and integrity failures for synced bookmark and profile data.

Such failures in protecting sensitive data could potentially impact compliance with data protection standards and regulations like GDPR and HIPAA, which require adequate safeguards to ensure confidentiality and integrity of personal and sensitive information.

Specifically, the use of deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no message authentication code (MAC) allows attackers to crack passwords and alter data undetected, which undermines data security controls mandated by these regulations.

Therefore, organizations using vulnerable versions of Electerm might face compliance risks if this vulnerability leads to unauthorized data access or modification.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45787. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart