An issue exists in Emote Remote Mouse up to and including 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
remotemouse emote remote mouse |