Vulnerabilities > CVE-2021-34692 - Inclusion of Functionality from Untrusted Control Sphere vulnerability in Idrive Remotepc

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
idrive
CWE-829
NVD
Published: 2021-07-15
Updated: 2021-07-26

Summary

iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges.

Vulnerable Configurations

Part Description Count
Application
Idrive
248
OS
Microsoft
1

Common Weakness Enumeration (CWE)

References