Vulnerabilities (CVE)

Filtered by vendor Idrive Subscribe

Filtered by product Remotepc

Total 6 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-34691	2 Idrive, Linux	2 Remotepc, Linux Kernel	2023-12-10	5.0 MEDIUM	7.5 HIGH
iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port.
CVE-2021-34688	2 Idrive, Microsoft	2 Remotepc, Windows	2023-12-10	2.1 LOW	3.3 LOW
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker.
CVE-2021-34692	2 Idrive, Microsoft	2 Remotepc, Windows	2023-12-10	7.2 HIGH	7.8 HIGH
iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges.
CVE-2021-34689	2 Idrive, Microsoft	2 Remotepc, Windows	2023-12-10	2.1 LOW	5.5 MEDIUM
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files.
CVE-2021-34690	2 Idrive, Microsoft	2 Remotepc, Windows	2023-12-10	7.5 HIGH	9.8 CRITICAL
iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980.
CVE-2021-34687	2 Idrive, Microsoft	2 Remotepc, Windows	2023-12-10	2.9 LOW	5.3 MEDIUM
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.