Tuesday, January 14, 2025
HomeCVE/vulnerabilityIntel Alerts Users to Delete Remote keyboard App After Critical Security Bugs

Intel Alerts Users to Delete Remote keyboard App After Critical Security Bugs

Published on

Intel asks the user’s to uninstall the Intel Remote Keyboard for Android and iOS mobile device after researchers disclosed a critical security bug that allows attackers to inject keystrokes and to escalate privileges.

The Intel Remote Keyboard enables you to easily integrate your smartphone or tablet with a keyboard and mouse, improving your entertainment experience.

Also Read Intel Expands Bug Bounty Program Rewards To $250,000 for Meltdown and Spectre Like Vulnerabilities

CVE-2018-3641 – Privilege escalation bug that allows an attacker to inject keystrokes as a local user
CVE-2018-3645 – Privilege escalation bug that allows a local attacker to inject keystrokes into another remote keyboard session.
CVE-2018-3638 – Privilege escalation bug allows an authorized local attacker to execute arbitrary code as a privileged user.

These bugs affected all the versions of the Intel Remote Keyboard including the last version 1.14 and the severity score of the bug is high. The keyboard app has more than 500,000 installations and it was last updated on June 5, 2017.

Intel Remote Keyboard

Intel says they are to discontinue the support for the remote app and recommends to uninstall the Remote Keyboard uninstall it at their earliest. It has been taken down from the play store.

“Intel has issued a Product Discontinuation notice for Intel Remote Keyboard and recommends that users of the Intel® Remote Keyboard uninstall it at their earliest convenience,” the company said.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

Microsoft Warns of MFA Issue Affecting Microsoft 365 users

Microsoft has issued a warning regarding an ongoing issue with Multi-Factor Authentication (MFA) that...

RedCurl APT Deploys Malware via Windows Scheduled Tasks Exploitation

Researchers identified RedCurl APT group activity in Canada in late 2024, where the attackers...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

PoC Exploit Released for Critical macOS Sandbox Vulnerability (CVE-2024-54498)

A proof-of-concept (PoC) exploit has been publicly disclosed for a critical vulnerability impacting macOS...

IBM Robotic Process Automation Vulnerability Let Attackers Obtain Sensitive Data

A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential...

IBM Watsonx.ai Vulnerability Let Attackers Trigger XSS Attacks

A recently disclosed vulnerability, identified as CVE-2024-49785, has been found in IBM watsonx.ai, including its...