Remotepc Security Vulnerabilities and Issues — Remotepc CVE List

Lucene search

IdriveRemotepc

6 matches found

CVE•added 2021/07/15 2:15 p.m.•35 views

CVE-2021-34691

iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port.

7.5CVSS7.5AI score0.00531EPSS

CVE•added 2021/07/15 2:15 p.m.•34 views

CVE-2021-34687

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.

5.3CVSS4.9AI score0.00059EPSS

CVE•added 2021/07/15 2:15 p.m.•28 views

CVE-2021-34688

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attac...

3.3CVSS3.8AI score0.00187EPSS

CVE•added 2021/07/15 2:15 p.m.•28 views

CVE-2021-34689

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files.

5.5CVSS5.1AI score0.00066EPSS

CVE•added 2021/07/15 2:15 p.m.•28 views

CVE-2021-34692

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges.

7.8CVSS7.7AI score0.00056EPSS

CVE•added 2021/07/15 2:15 p.m.•26 views

CVE-2021-34690

iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980.

9.8CVSS9.6AI score0.00948EPSS