PT-2021-20913 · Emote Interactive · Emote Interactive Remote Mouse

Leobreaker +1 · Published 2021-06-24 · Updated 2022-03-29 · CVE-2021-35448

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Emote Interactive Remote Mouse version 3.008

Description: The issue allows attackers to execute arbitrary programs as Administrator. An attacker uses the Image Transfer Folder feature to navigate to cmd.exe and launch it, and the commands then run with elevated privileges. The software also binds to local ports to listen for incoming connections, which potentially increases the attack surface.

Recommendations: For Emote Interactive Remote Mouse version 3.008, consider disabling the Image Transfer Folder feature until a patch is available, so that it cannot be used to navigate to cmd.exe and execute arbitrary programs as Administrator. Restrict access to the local ports used by the software to minimize the risk of exploitation.

Exploit

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

CVE-2021-35448

Affected Products

Emote Interactive Remote Mouse