Intel asks the user’s to uninstall the Intel Remote Keyboard for Android and iOS mobile device after researchers disclosed a critical security bug that allows attackers to inject keystrokes and to escalate privileges.
The Intel Remote Keyboard enables you to easily integrate your smartphone or tablet with a keyboard and mouse, improving your entertainment experience.
CVE-2018-3641 – Privilege escalation bug that allows an attacker to inject keystrokes as a local user
CVE-2018-3645 – Privilege escalation bug that allows a local attacker to inject keystrokes into another remote keyboard session.
CVE-2018-3638 – Privilege escalation bug allows an authorized local attacker to execute arbitrary code as a privileged user.
These bugs affected all the versions of the Intel Remote Keyboard including the last version 1.14 and the severity score of the bug is high. The keyboard app has more than 500,000 installations and it was last updated on June 5, 2017.
Intel says they are to discontinue the support for the remote app and recommends to uninstall the Remote Keyboard uninstall it at their earliest. It has been taken down from the play store.
“Intel has issued a Product Discontinuation notice for Intel Remote Keyboard and recommends that users of the Intel® Remote Keyboard uninstall it at their earliest convenience,” the company said.