CVE-2021-27569

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
remotemouseemote_remote_mouse
𝑥
≤ 4.0.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://axelp.io/MouseTrap
https://remotemouse.net/blog/
https://axelp.io/MouseTrap
https://remotemouse.net/blog/