Security News > 2020 > June > FabulaTech USB device vulnerability exposes devices to risk
A remote USB function in a software provider's code has been found to contain a significant vulnerability.
"USB for Remote Desktop," works by redirecting USB devices to remote sessions over Microsoft RDP, Teradici PCoIP, or Citrix ICA Protocols.
The crux of the issue is that the driver permits unprivileged users to add the virtual USB device.
A specific potential risk here could involve adding USB devices that can be used to directly manipulate applications on the host, such as keyboards or mice, which can enter information to harvest data or permit the execution or malicious code.
As a result, users of FabulaTech products are advised not to utilize USB for Remote Desktop, or at the very least not to do so on systems which contain or access confidential or security sensitive applications or data.