CVE-2022-1805

Name of the Vulnerable Software and Affected Versions PCoIP Zero Client (affected versions not specified)

Description The issue arises when connecting to Amazon Workspaces, as the SHA256 presented by the AWS connection provisioner is not fully verified by Zero Clients. This could be exploited by an adversary placing a Man in the Middle (MITM) between a zero client and the AWS session provisioner in the network. The issue is only applicable when connecting to an Amazon Workspace from a PCoIP Zero Client.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.