CVE-2021-47792
BaseFortify
Publication date: 2026-01-16
Last updated on: 2026-01-16
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| remotemouse | remote_mouse | 3.008 |
| remotemouse | remote_mouse | 4.002 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47792 is an unquoted service path vulnerability in Remote Mouse versions 3.008 and 4.002. The RemoteMouseService executable path is not enclosed in quotes, which allows a local attacker to place a malicious executable in a path segment that the system might execute with elevated privileges when the service starts. This enables the attacker to execute arbitrary code with SYSTEM or administrative privileges on the affected machine. [1, 3]
How can this vulnerability impact me? :
This vulnerability can allow a local attacker to gain administrative access to your system by executing arbitrary code with elevated privileges. This means the attacker could potentially take full control of your computer, access sensitive data, install malware, or disrupt system operations. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking the service configuration of RemoteMouseService to see if the service path is unquoted. Use the command 'sc qc RemoteMouseService' to query the service configuration and look for the executable path without quotes. Additionally, you can use 'wmic service where name="RemoteMouseService" get PathName, StartMode' to confirm the unquoted path and whether the service is set to auto-start. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include correcting the unquoted service path by adding quotes around the executable path in the RemoteMouseService configuration to prevent execution of malicious executables. Alternatively, ensure that only trusted users have local access to the system to reduce the risk of exploitation. Updating or patching the Remote Mouse software to a version that addresses this vulnerability, if available, is also recommended. [1, 3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.