NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:idrive:remotepc:7.2.4:*:*:*:*:windows:*:*
CPE Name Search: true

There are 5 matching records.

Displaying matches 1 through 5.

Vuln ID	Summary	CVSS Severity
CVE-2021-34692	iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. Published: July 15, 2021; 10:15:21 AM -0400	V4.0:(not available) V3.1: 7.8 HIGH V2.0: 7.2 HIGH
CVE-2021-34690	iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980. Published: July 15, 2021; 10:15:21 AM -0400	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH
CVE-2021-34689	iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files. Published: July 15, 2021; 10:15:20 AM -0400	V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 2.1 LOW
CVE-2021-34688	iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. Published: July 15, 2021; 10:15:20 AM -0400	V4.0:(not available) V3.1: 3.3 LOW V2.0: 2.1 LOW
CVE-2021-34687	iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher. Published: July 15, 2021; 10:15:20 AM -0400	V4.0:(not available) V3.1: 5.3 MEDIUM V2.0: 2.9 LOW