Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-34688 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2022-07-12 | 2.1 LOW | 3.3 LOW |
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. | |||||
CVE-2021-34687 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2022-07-12 | 2.9 LOW | 5.3 MEDIUM |
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher. | |||||
CVE-2021-34690 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2021-08-03 | 7.5 HIGH | 9.8 CRITICAL |
iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980. | |||||
CVE-2021-34691 | 2 Idrive, Linux | 2 Remotepc, Linux Kernel | 2021-07-27 | 5.0 MEDIUM | 7.5 HIGH |
iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port. | |||||
CVE-2021-34692 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2021-07-26 | 7.2 HIGH | 7.8 HIGH |
iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. | |||||
CVE-2021-34689 | 2 Idrive, Microsoft | 2 Remotepc, Windows | 2021-07-26 | 2.1 LOW | 5.5 MEDIUM |
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files. |