PT-2020-13376 · Teradici · Teradici Pcoip Graphics Agent For Windows+1

Published

2020-08-11

Updated

2020-08-13

CVE-2020-13177

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Teradici PCoIP Standard Agent for Windows versions prior to 20.04.1 Teradici Graphics Agent for Windows versions prior to 20.07.0

Description The issue allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path, due to the support bundler not using hard coded paths for certain Windows binaries.

Recommendations For Teradici PCoIP Standard Agent for Windows versions prior to 20.04.1, update to version 20.04.1 or later to resolve the issue. For Teradici Graphics Agent for Windows versions prior to 20.07.0, update to version 20.07.0 or later to resolve the issue.

Fix

Uncontrolled Search Path Element

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-427

Related Identifiers

CVE-2020-13177

Affected Products

Teradici Pcoip Graphics Agent For Windows

Teradici Pcoip Standard Agent For Windows

PT-2020-13376 · Teradici · Teradici Pcoip Graphics Agent For Windows+1

CVE-2020-13177

Weakness Enumeration

Related Identifiers

Affected Products

References · 4