Lucene search
K

78 matches found

Prion
Prion
added 2021/07/15 2:15 p.m.14 views

Privilege escalation

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges...

7.2CVSS7.7AI score0.00288EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/07/15 2:15 p.m.13 views

Information disclosure

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files...

2.1CVSS5.1AI score0.00276EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/07/15 2:15 p.m.19 views

Design/Logic Flaw

iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port...

5CVSS7.5AI score0.01034EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/07/15 2:15 p.m.19 views

Information disclosure

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher...

2.9CVSS5AI score0.00231EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/15 1:20 p.m.19 views

CVE-2021-34692

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges...

7.9AI score0.00288EPSS
Exploits0References2
CVE
CVE
added 2021/07/15 1:20 p.m.40 views

CVE-2021-34692

CVE-2021-34692 affects iDrive RemotePC on Windows prior to 7.6.48. A local, low-privilege user can cause RemotePC to execute an attacker-controlled executable with SYSTEM privileges, enabling privilege escalation. The vulnerability stems from the product’s handling of executable execution, with e...

7.8CVSS7.7AI score0.00288EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/07/15 1:18 p.m.47 views

CVE-2021-34691

CVE-2021-34691 affects iDrive RemotePC on Linux prior to 4.0.1. A remote, unauthenticated attacker can cause a denial of service by disconnecting a valid user session via connecting to an ephemeral port. The advisory indicates the vulnerable version is before 4.0.1; mitigation is upgrading to 4.0...

7.5CVSS7.5AI score0.01034EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/15 1:18 p.m.22 views

CVE-2021-34691

iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port...

7.7AI score0.01034EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/07/15 1:18 p.m.25 views

CVE-2021-34690

iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980...

9.9AI score0.01244EPSS
Exploits0References2
CVE
CVE
added 2021/07/15 1:18 p.m.42 views

CVE-2021-34690

The CVE affects iDrive RemotePC on Windows prior to version 7.6.48. A authentication bypass exists that allows a remote, unauthenticated attacker to bypass cloud authentication and connect to, and control, a system via TCP ports 5970 and 5980. Impact is high: attacker can take control without val...

9.8CVSS9.6AI score0.01244EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/07/15 1:17 p.m.44 views

CVE-2021-34689

Affected product: iDrive RemotePC on Windows. Version affected: prior to 7.6.48. Vulnerability type: information disclosure due to a flaw that allows a locally authenticated attacker to read the system’s Personal Key from world-readable log files in %PROGRAMDATA%. Root cause: Personal Key written...

5.5CVSS5.1AI score0.00276EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/15 1:17 p.m.29 views

CVE-2021-34689

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files...

5.4AI score0.00276EPSS
Exploits0References2
CVE
CVE
added 2021/07/15 1:17 p.m.40 views

CVE-2021-34688

CVE-2021-34688 affects iDrive RemotePC on Windows prior to 7.6.48. A locally authenticated attacker can read an encrypted version of the system’s Personal Key from world-readable log files in %PROGRAMDATA%, because the encryption uses a hard-coded static key, making it reversible. The issue is a ...

3.3CVSS3.8AI score0.00162EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/15 1:17 p.m.22 views

CVE-2021-34688

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an...

4AI score0.00162EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/07/15 1:17 p.m.27 views

CVE-2021-34687

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher...

5.2AI score0.00231EPSS
Exploits0References2
CVE
CVE
added 2021/07/15 1:17 p.m.50 views

CVE-2021-34687

CVE-2021-34687 affects iDrive RemotePC on Windows prior to 7.6.48. The vulnerability enables information disclosure where a man-in-the-middle can recover the system Personal Key during a LAN connection, because the key is transmitted over the network with only a substitution cipher for encryption.

5.3CVSS4.9AI score0.00231EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/07/15 12:0 a.m.5 views

Idrive IDrive 安全漏洞

Idrive IDrive is a suite of cloud backup and cloud storage service solutions from IDrive USA. A security vulnerability exists in iDrive RemotePC, which stems from the iDrive RemotePC Allowed Elevation of Privilege on Windows prior to 7.6.48. An attacker can exploit the vulnerability to force...

7.8CVSS7.5AI score0.00288EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/07/15 12:0 a.m.5 views

iDrive RemotePC 加密问题漏洞

iDrive RemotePC is remote control software from iDrive, Inc. A vulnerability in encryption issues exists in iDrive RemotePC versions prior to 7.6.48 on Windows, which stems from an error in the configuration of the product during operation, among other things. An unauthorized attacker could explo...

5.3CVSS5.9AI score0.00231EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/15 12:0 a.m.6 views

IDrive 日志信息泄露漏洞

Idrive IDrive is a suite of cloud backup and cloud storage service solutions from US-based IDrive Idrive. A log message disclosure vulnerability exists in iDrive RemotePC versions prior to 7.6.48, where a locally authenticated attacker can read the system's personal key...

5.5CVSS5.8AI score0.00276EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/07/15 12:0 a.m.7 views

IDrive 授权问题漏洞

Idrive IDrive is a suite of cloud backup and cloud storage service solutions from IDrive USA. A security vulnerability exists in iDrive RemotePC versions prior to 7.6.48 that allows an unauthenticated attacker to bypass cloud authentication and connect to and control the system via TCP ports 5970...

9.8CVSS8.3AI score0.01244EPSS
Exploits0References3
Rows per page
Query Builder