CVE-2020-13173

Name of the Vulnerable Software and Affected Versions Teradici PCoIP Standard Agent for Windows versions 19.11.1 and earlier Teradici PCoIP Graphics Agent for Windows versions 19.11.1 and earlier

Description The initialization of the pcoip credential provider creates an insecure named pipe, allowing an attacker to intercept sensitive information or possibly elevate privileges by pre-installing an application that acquires the named pipe.

Recommendations For Teradici PCoIP Standard Agent for Windows versions 19.11.1 and earlier, consider updating to a version later than 19.11.1 to resolve the issue. For Teradici PCoIP Graphics Agent for Windows versions 19.11.1 and earlier, consider updating to a version later than 19.11.1 to resolve the issue. As a temporary workaround, consider restricting access to the pcoip credential provider to minimize the risk of exploitation.