Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for pcoip by teradici

    CVE-2021-25695 (GCVE-0-2021-25695)

    Vulnerability from nvd – Published: 2021-07-21 12:33 – Updated: 2024-08-03 20:11
    VLAI
    Summary
    The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver.
    Severity
    No CVSS data available.
    CWE
    • CWE-782 - Exposed IOCTL with Insufficient Access Control (CWE-782)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a - PCoIP Agent for Windows Affected: 21.07.0
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:11:27.911Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://advisory.teradici.com/security-advisories/100/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "- PCoIP Agent for Windows",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.07.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-782",
                  "description": "Exposed IOCTL with Insufficient Access Control (CWE-782)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-21T12:33:10.000Z",
            "orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
            "shortName": "Teradici"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://advisory.teradici.com/security-advisories/100/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@teradici.com",
              "ID": "CVE-2021-25695",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "- PCoIP Agent for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "21.07.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Exposed IOCTL with Insufficient Access Control (CWE-782)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://advisory.teradici.com/security-advisories/100/",
                  "refsource": "MISC",
                  "url": "https://advisory.teradici.com/security-advisories/100/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
        "assignerShortName": "Teradici",
        "cveId": "CVE-2021-25695",
        "datePublished": "2021-07-21T12:33:10.000Z",
        "dateReserved": "2021-01-21T00:00:00.000Z",
        "dateUpdated": "2024-08-03T20:11:27.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-25695 (GCVE-0-2021-25695)

    Vulnerability from cvelistv5 – Published: 2021-07-21 12:33 – Updated: 2024-08-03 20:11
    VLAI
    Summary
    The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver.
    Severity
    No CVSS data available.
    CWE
    • CWE-782 - Exposed IOCTL with Insufficient Access Control (CWE-782)
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a - PCoIP Agent for Windows Affected: 21.07.0
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T20:11:27.911Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://advisory.teradici.com/security-advisories/100/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "- PCoIP Agent for Windows",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.07.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-782",
                  "description": "Exposed IOCTL with Insufficient Access Control (CWE-782)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-21T12:33:10.000Z",
            "orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
            "shortName": "Teradici"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://advisory.teradici.com/security-advisories/100/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@teradici.com",
              "ID": "CVE-2021-25695",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "- PCoIP Agent for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "21.07.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Exposed IOCTL with Insufficient Access Control (CWE-782)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://advisory.teradici.com/security-advisories/100/",
                  "refsource": "MISC",
                  "url": "https://advisory.teradici.com/security-advisories/100/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
        "assignerShortName": "Teradici",
        "cveId": "CVE-2021-25695",
        "datePublished": "2021-07-21T12:33:10.000Z",
        "dateReserved": "2021-01-21T00:00:00.000Z",
        "dateUpdated": "2024-08-03T20:11:27.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }