CVE-2021-34689 Information

Description

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system’s Personal Key in world-readable %PROGRAMDATA% log files.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://raw.githubusercontent.com/jacob-baines/vuln_disclosure/main/vuln_2021_01.txt https://www.remotepc.com/release-info

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.5