本ページは idrive remotepc に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2021-34692 | iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. | [email protected] | 7.8 | 0.29% | 2021-07-15 | 2026-06-16 |
| CVE-2021-34691 | iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port. | [email protected] | 7.5 | 1.03% | 2021-07-15 | 2026-06-16 |
| CVE-2021-34690 | iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980. | [email protected] | 9.8 | 1.24% | 2021-07-15 | 2026-06-16 |
| CVE-2021-34689 | iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files. | [email protected] | 5.5 | 0.28% | 2021-07-15 | 2026-06-16 |
| CVE-2021-34688 | iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. | [email protected] | 3.3 | 0.16% | 2021-07-15 | 2026-06-16 |
| CVE-2021-34687 | iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher. | [email protected] | 5.3 | 0.23% | 2021-07-15 | 2026-06-16 |