CVE-2026-27182
BaseFortify
Publication date: 2026-02-18
Last updated on: 2026-02-19
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| saturn_remote_mouse_server | saturn_remote_mouse_server | to unreleased_version (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the Saturn Remote Mouse Server, where it allows unauthenticated attackers to execute arbitrary commands on the system.
Attackers on the local network can send specially crafted UDP JSON frames to port 27000 containing malformed packets with unsanitized command data.
Because the service forwards this command data directly to operating system execution functions without proper sanitization, it enables remote code execution under the service account.
How can this vulnerability impact me? :
This vulnerability can have severe impacts as it allows attackers to execute arbitrary commands remotely on the affected system.
Since the execution happens under the service account, attackers could potentially gain control over the system, leading to data compromise, system disruption, or further network attacks.
The vulnerability requires local network access but does not require any authentication, increasing the risk within internal networks.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know