PT-2021-16763 · Teradici · Teradici Pcoip Soft Client

Published

2021-07-21

Updated

2021-07-30

CVE-2021-25699

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Teradici PCoIP Software Client versions prior to 21.07.0

Description The issue allows an attacker to elevate privileges of the running process by placing a specially crafted dll in a build configuration directory, due to the OpenSSL component being compiled without the no-autoload-config option.

Recommendations For versions prior to 21.07.0, update to version 21.07.0 or later to resolve the issue.

Fix

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

CVE-2021-25699

Affected Products

Teradici Pcoip Soft Client

PT-2021-16763 · Teradici · Teradici Pcoip Soft Client

CVE-2021-25699

Weakness Enumeration

Related Identifiers

Affected Products

References · 3