PT-2020-13377 · Teradici · Teradici Pcoip Graphics Agent For Windows+1

Published

2020-08-11

Updated

2020-08-13

CVE-2020-13178

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1

Description A function in the affected software does not properly validate the signature of an external binary. This could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process.

Recommendations For versions prior to 20.04.1, update to version 20.04.1 or later to resolve the issue. As a temporary workaround, consider restricting the execution of external binaries in the context of the PCoIP Agent process until a patch is available.

Fix

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-345

Related Identifiers

CVE-2020-13178

Affected Products

Teradici Pcoip Graphics Agent For Windows

Teradici Pcoip Standard Agent For Windows

PT-2020-13377 · Teradici · Teradici Pcoip Graphics Agent For Windows+1

CVE-2020-13178

Weakness Enumeration

Related Identifiers

Affected Products

References · 4