Zero-Day Vulnerabilities Found in Remote Mouse App

The Remote Mouse application contains a number of zero-day vulnerabilities that allow a remote attacker to execute code on the host without requiring any user interaction.

Security researcher Axel Persinger found six zero-day vulnerabilities, collectively named MouseTrap. It is a suite of vulnerabilities and accompanying exploits that targets the Remote Mouse application and service.

What is Remote Mouse?

Remote Mouse turns your mobile phone or tablet into a user-friendly remote control for your computer. It simulates the functions of a wireless mouse, keyboard and touchpad, and also provides a variety of specialty control panels, such as Media Remote, Application Switcher and Web Browsing Remote.

The Remote Mouse app is available on Google Play and the iOS App Store.

With 10,000,000+ downloads on the Android App Store alone, there are a lot of oblivious users who could be completely owned without ever realizing it. Here are the vulnerabilities/weaknesses documented:

  • CVE-2021-27569: An issue was discovered in Emote Remote Mouse through 3.015. Attackers can maximize or minimize the window of a running process by sending the process name in a crafted packet. This information is sent in cleartext and is not protected by any authentication logic.
  • CVE-2021-27570: An issue was discovered in Emote Remote Mouse through 3.015. Attackers can close any running process by sending the process name in a specially crafted packet. This information is sent in cleartext and is not protected by any authentication logic.
  • CVE-2021-27571: An issue was discovered in Emote Remote Mouse through 3.015. Attackers can retrieve recently used and running applications, their icons, and their file paths. This information is sent in cleartext and is not protected by any authentication logic.
  • CVE-2021-27572: An issue was discovered in Emote Remote Mouse through 3.015. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set.
  • CVE-2021-27573: An issue was discovered in Emote Remote Mouse through 3.015. Remote unauthenticated users can execute arbitrary code via crafted UDP packets with no prior authorization or authentication.
  • CVE-2021-27574: An issue was discovered in Emote Remote Mouse through 3.015. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.
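The packet-replay bypass in CVE-2021-27572 is what happens when a datagram carries a fixed credential and nothing that ties it to one moment or one command. The following is an added example, not code from the article, the researcher or the vendor: it contrasts a static-credential check with a verifier that binds each datagram to a timestamp, a nonce and the command. The packet layout, key, command string and all function names are assumptions and do not describe Remote Mouse's actual wire format.

```python
import hashlib, hmac, os, struct, time

KEY = hashlib.sha256(b"constructed-demo-password").digest()  # constructed secret

def naive_verify(packet: bytes):
    """Weak design (assumed): a static password hash prefixes every datagram.
    A captured datagram stays valid forever and the command is not bound to the tag."""
    tag, cmd = packet[:32], packet[32:]
    return cmd if hmac.compare_digest(tag, KEY) else None

def make_packet(key: bytes, cmd: bytes, now=None) -> bytes:
    """Hardened sender: timestamp + random nonce, HMAC over header and command."""
    ts = int(time.time() if now is None else now)
    header = struct.pack(">Q", ts) + os.urandom(16)
    return header + hmac.new(key, header + cmd, hashlib.sha256).digest() + cmd

class ReplaySafeVerifier:
    def __init__(self, key: bytes, window: int = 30):
        self.key, self.window, self.seen = key, window, {}

    def verify(self, packet: bytes, now=None):
        now = time.time() if now is None else now
        if len(packet) < 56:                      # 8 ts + 16 nonce + 32 tag
            return None
        header, tag, cmd = packet[:24], packet[24:56], packet[56:]
        expected = hmac.new(self.key, header + cmd, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                           # forged or modified datagram
        ts = struct.unpack(">Q", header[:8])[0]
        if abs(now - ts) > self.window:
            return None                           # stale capture
        # Forget nonces that the freshness check would reject anyway.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.window}
        nonce = header[8:]
        if nonce in self.seen:
            return None                           # replay inside the window
        self.seen[nonce] = ts
        return cmd

def demo():
    captured = KEY + b"media:play"                # constructed datagram, weak scheme
    weak = [naive_verify(captured), naive_verify(captured)]
    v = ReplaySafeVerifier(KEY)
    pkt = make_packet(KEY, b"media:play", now=1000)
    strong = [v.verify(pkt, now=1001), v.verify(pkt, now=1002), v.verify(pkt, now=2000)]
    return weak, strong

if __name__ == "__main__":
    print(demo())
```

This only addresses replay and tampering; the commands would still travel in cleartext unless the channel is also encrypted.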

Update: The vendor has released an update, version 4.0.0.0 with new features, but did not patch any of the security vulnerabilities. Persinger has contacted MITRE to update the CVE descriptions to note the new version number.
