IDrive RemotePC 4.2.3 for Android

CPE Details

IDrive RemotePC 4.2.3 for Android
idrive
remotepc
4.2.3
2021-07-21
11h51 +00:00
2021-07-21
11h54 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:idrive:remotepc:4.2.3:*:*:*:*:android:*:*

Informations

Vendor

idrive

Product

remotepc

Version

4.2.3

Target Software

android

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2021-34692 2021-07-15 11h20 +00:00 iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges.
7.8
Haute
CVE-2021-34690 2021-07-15 11h18 +00:00 iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980.
9.8
Critique
CVE-2021-34689 2021-07-15 11h17 +00:00 iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files.
5.5
Moyen
CVE-2021-34688 2021-07-15 11h17 +00:00 iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker.
3.3
Bas
CVE-2021-34687 2021-07-15 11h17 +00:00 iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.
5.3
Moyen