CVE-2021-47792
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-16

Last updated on: 2026-01-16

Assigner: VulnCheck

Description
Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-16
Last Modified
2026-01-16
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-14
NVD
CVE-2021-47792
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
remotemouse remote_mouse 3.008
remotemouse remote_mouse 4.002
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47792 is an unquoted service path vulnerability in Remote Mouse versions 3.008 and 4.002. The RemoteMouseService executable path is not enclosed in quotes, which allows a local attacker to place a malicious executable in a path segment that the system might execute with elevated privileges when the service starts. This enables the attacker to execute arbitrary code with SYSTEM or administrative privileges on the affected machine. [1, 3]

Impact Analysis

This vulnerability can allow a local attacker to gain administrative access to your system by executing arbitrary code with elevated privileges. This means the attacker could potentially take full control of your computer, access sensitive data, install malware, or disrupt system operations. [1, 3]

Detection Guidance

You can detect this vulnerability by checking the service configuration of RemoteMouseService to see if the service path is unquoted. Use the command 'sc qc RemoteMouseService' to query the service configuration and look for the executable path without quotes. Additionally, you can use 'wmic service where name="RemoteMouseService" get PathName, StartMode' to confirm the unquoted path and whether the service is set to auto-start. [1]

Mitigation Strategies

Immediate mitigation steps include correcting the unquoted service path by adding quotes around the executable path in the RemoteMouseService configuration to prevent execution of malicious executables. Alternatively, ensure that only trusted users have local access to the system to reduce the risk of exploitation. Updating or patching the Remote Mouse software to a version that addresses this vulnerability, if available, is also recommended. [1, 3]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47792. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart