Platform
windows
Component
unified-remote
Fixed in
3.9.1
CVE-2021-47891 describes a critical Remote Code Execution (RCE) vulnerability discovered in Unified Remote, a Windows application for controlling computers remotely. This vulnerability allows attackers to execute arbitrary commands on a target system by sending specially crafted network packets. The vulnerability affects versions 3.9.0.2463 through 3.9.0.2463, and a patch is expected from the vendor.
The impact of CVE-2021-47891 is severe. An attacker exploiting this vulnerability can gain complete control over the affected system. This includes the ability to install malware, steal sensitive data, modify system configurations, and potentially pivot to other systems on the network. The attack vector involves sending crafted network packets to port 9512, which is used by Unified Remote for communication. Successful exploitation requires network access to the target machine and knowledge of the protocol. The ease of exploitation, coupled with the potential for complete system compromise, makes this a high-priority vulnerability.
CVE-2021-47891 was published on 2026-01-23. The vulnerability's ease of exploitation and the potential for complete system compromise suggest a medium to high probability of exploitation. Public proof-of-concept (PoC) code may emerge, further increasing the risk. Check CISA and NVD for updates on exploitation activity and vendor advisories.
Exploit Status
EPSS
0.24% (47% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2021-47891 is to upgrade to a patched version of Unified Remote as soon as it becomes available. Until a patch is released, consider isolating affected systems from external networks to prevent potential exploitation. Network segmentation can limit the blast radius if a system is compromised. Firewall rules can be implemented to block inbound traffic to port 9512, preventing external attackers from exploiting the vulnerability. Monitor network traffic for suspicious connections to port 9512. After upgrading, confirm the vulnerability is resolved by attempting to connect to the system with a known malicious packet (if available) and verifying that the connection is rejected.
Update to a patched version of Unified Remote. The vulnerability allows remote code execution via malicious network packets sent to port 9512. Check the official download page for the latest secure version.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2021-47891 is a critical Remote Code Execution vulnerability affecting Unified Remote versions 3.9.0.2463–3.9.0.2463, allowing attackers to execute commands via crafted network packets.
You are affected if you are using Unified Remote versions 3.9.0.2463 through 3.9.0.2463. Check your installed version and upgrade as soon as a patch is available.
The recommended fix is to upgrade to a patched version of Unified Remote. Until a patch is released, isolate affected systems and block port 9512.
While active exploitation is not yet confirmed, the vulnerability's severity and ease of exploitation suggest a potential for exploitation. Monitor for updates from CISA and NVD.
Refer to the vendor's website and security advisories for the latest information and patch releases regarding CVE-2021-47891.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.