CVE-2021-35448

moderate-risk

Published 2021-06-24

Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.

Do I need to act?

0.37% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

50047

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (1)

Emote Interactive Studio

Affected Vendors

Remotemouse

References (6)

Exploit https://deathflash.ml/blog/remote-mouse-lpe

Exploit https://leobreaker1411.github.io/blog/cve-2021-35448

Exploit https://www.exploit-db.com/exploits/50047

Exploit https://deathflash.ml/blog/remote-mouse-lpe

Exploit https://leobreaker1411.github.io/blog/cve-2021-35448

Exploit https://www.exploit-db.com/exploits/50047

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 8/34 · Low

Exposure 5/34 · Minimal