CVE-2021-34688

More information about this CVE will likely be available in a few days.

Description

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker.

Related CPE's

Could not find any relations

References

https://raw.githubusercontent.com/jacob-baines/vuln_disclosure/main/vuln_2021_01.txt

https://www.remotepc.com/release-info

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io