CVE-2021-34687

Name of the Vulnerable Software and Affected Versions: iDrive RemotePC versions prior to 7.6.48

Description: The issue allows information disclosure, where a man-in-the-middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.

Recommendations: For versions prior to 7.6.48, update to version 7.6.48 or later to resolve the issue. As a temporary workaround, consider restricting LAN connections until the update is applied.