Intel has decided that instead of fixing three security bugs affecting the Intel Remote Keyboard Android app, it would be easier to discontinue the application altogether.
The company announced its decision on Tuesday, following the discovery of three security bugs that affect all versions of the Intel Remote Keyboard.
This is an Android application that Intel launched in 2015 to allow users to wirelessly control Intel NUC and Intel Compute Stick single-board computers.
The bugs, discovered by three different researchers, when exploited, allow a nearby network attacker to inject keystrokes into remote keyboard sessions, and also execute malicious code on the user's Android device.
Two of the bugs have received a severity score of "high," but one of the issues was classified as "critical."
|CVE-2018-3641||9.0 (Critical)||Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user.|
|CVE-2018-3645||8.8 (High)||Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.|
|CVE-2018-3638||7.2 (High)||Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user.|
"Intel has issued a Product Discontinuation notice for Intel Remote Keyboard and recommends that users of the Intel Remote Keyboard uninstall it at their earliest convenience," the company said in a security advisory.
The Intel Remote Keyboard app had over 500,000 installations and an average rating of 3.8 out of 5.0, according to a cached version of its now-defunct official Google Play Store page. The app received its last update last June.