CVE-2026-39031: n/a
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded static key to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext, enabling an attacker with local access to decrypt passwords without brute force. This vulnerability allows recovery of plaintext passwords using a single SHA-1 hash and RC4 decryption operation.
AI Analysis
Technical Summary
The Lansweeper components lsrunase 2.0 and lsencrypt 2.0 employ RC4 encryption with a hardcoded 142-byte static key array to protect credentials. Because an 8-character prefix is stored in cleartext next to the ciphertext, an attacker who has local access can recover any encrypted password to plaintext by performing a single SHA-1 hash and RC4 decryption operation. No brute force or additional cryptanalysis is required, making the encryption effectively reversible by an attacker with local system access.
Potential Impact
An attacker with local access to a system running vulnerable versions of Lansweeper lsrunase 2.0 or lsencrypt 2.0 can recover encrypted passwords in plaintext. This compromises credential confidentiality and may lead to unauthorized access or privilege escalation on the affected system. The vulnerability undermines the security of stored credentials due to weak encryption and key management.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict local access to systems running these Lansweeper components to trusted users only. Monitor vendor communications for updates regarding patches or mitigations.
CVE-2026-39031: n/a
Description
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded static key to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext, enabling an attacker with local access to decrypt passwords without brute force. This vulnerability allows recovery of plaintext passwords using a single SHA-1 hash and RC4 decryption operation.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Lansweeper components lsrunase 2.0 and lsencrypt 2.0 employ RC4 encryption with a hardcoded 142-byte static key array to protect credentials. Because an 8-character prefix is stored in cleartext next to the ciphertext, an attacker who has local access can recover any encrypted password to plaintext by performing a single SHA-1 hash and RC4 decryption operation. No brute force or additional cryptanalysis is required, making the encryption effectively reversible by an attacker with local system access.
Potential Impact
An attacker with local access to a system running vulnerable versions of Lansweeper lsrunase 2.0 or lsencrypt 2.0 can recover encrypted passwords in plaintext. This compromises credential confidentiality and may lead to unauthorized access or privilege escalation on the affected system. The vulnerability undermines the security of stored credentials due to weak encryption and key management.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict local access to systems running these Lansweeper components to trusted users only. Monitor vendor communications for updates regarding patches or mitigations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-04-06T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3ee65a27e9c79719e9ee31
Added to database: 06/26/2026, 20:51:38 UTC
Last enriched: 06/26/2026, 20:51:47 UTC
Last updated: 06/26/2026, 20:51:47 UTC
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.