Search criteria
8 vulnerabilities found for pcoip_graphics_agent by teradici
CVE-2021-25694 (GCVE-0-2021-25694)
Vulnerability from nvd – Published: 2021-05-13 12:49 – Updated: 2024-08-03 20:11
VLAI?
Summary
Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://advisory.teradici.com/security-advisories/80/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-13T12:49:17",
"orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"shortName": "Teradici"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://advisory.teradici.com/security-advisories/80/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@teradici.com",
"ID": "CVE-2021-25694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisory.teradici.com/security-advisories/80/",
"refsource": "MISC",
"url": "https://advisory.teradici.com/security-advisories/80/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"assignerShortName": "Teradici",
"cveId": "CVE-2021-25694",
"datePublished": "2021-05-13T12:49:17",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:27.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25688 (GCVE-0-2021-25688)
Vulnerability from nvd – Published: 2021-02-11 15:24 – Updated: 2024-08-03 20:11
VLAI?
Summary
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application logs.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | - PCoIP Standard Agent for Windows - PCoIP Standard Agent for Linux - PCoIP Graphics Agent for Windows - PCoIP Graphics Agent for Linux |
Affected:
Windows prior to 20.10.0, Linux prior to 21.01.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:28.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://advisory.teradici.com/security-advisories/73/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "- PCoIP Standard Agent for Windows - PCoIP Standard Agent for Linux - PCoIP Graphics Agent for Windows - PCoIP Graphics Agent for Linux",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Windows prior to 20.10.0, Linux prior to 21.01.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user\u0027s password in the application logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T15:24:19",
"orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"shortName": "Teradici"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://advisory.teradici.com/security-advisories/73/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@teradici.com",
"ID": "CVE-2021-25688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "- PCoIP Standard Agent for Windows - PCoIP Standard Agent for Linux - PCoIP Graphics Agent for Windows - PCoIP Graphics Agent for Linux",
"version": {
"version_data": [
{
"version_value": "Windows prior to 20.10.0, Linux prior to 21.01.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user\u0027s password in the application logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisory.teradici.com/security-advisories/73/",
"refsource": "MISC",
"url": "https://advisory.teradici.com/security-advisories/73/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"assignerShortName": "Teradici",
"cveId": "CVE-2021-25688",
"datePublished": "2021-02-11T15:24:19",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:28.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13173 (GCVE-0-2020-13173)
Vulnerability from nvd – Published: 2020-05-28 21:05 – Updated: 2024-08-04 12:11
VLAI?
Summary
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.
Severity ?
No CVSS data available.
CWE
- Information Disclosure, Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows |
Affected:
19.11.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://advisory.teradici.com/security-advisories/55/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "19.11.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure, Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-28T21:05:33",
"orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"shortName": "Teradici"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://advisory.teradici.com/security-advisories/55/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@teradici.com",
"ID": "CVE-2020-13173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows",
"version": {
"version_data": [
{
"version_value": "19.11.1 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure, Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisory.teradici.com/security-advisories/55/",
"refsource": "CONFIRM",
"url": "https://advisory.teradici.com/security-advisories/55/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"assignerShortName": "Teradici",
"cveId": "CVE-2020-13173",
"datePublished": "2020-05-28T21:05:33",
"dateReserved": "2020-05-19T00:00:00",
"dateUpdated": "2024-08-04T12:11:19.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-20362 (GCVE-0-2019-20362)
Vulnerability from nvd – Published: 2020-01-08 14:05 – Updated: 2024-08-05 02:39
VLAI?
Summary
In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:39:09.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\\Teradici\\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-08T14:05:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\\Teradici\\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier",
"refsource": "MISC",
"url": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20362",
"datePublished": "2020-01-08T14:05:15",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-05T02:39:09.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25694 (GCVE-0-2021-25694)
Vulnerability from cvelistv5 – Published: 2021-05-13 12:49 – Updated: 2024-08-03 20:11
VLAI?
Summary
Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.643Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://advisory.teradici.com/security-advisories/80/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-13T12:49:17",
"orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"shortName": "Teradici"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://advisory.teradici.com/security-advisories/80/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@teradici.com",
"ID": "CVE-2021-25694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisory.teradici.com/security-advisories/80/",
"refsource": "MISC",
"url": "https://advisory.teradici.com/security-advisories/80/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"assignerShortName": "Teradici",
"cveId": "CVE-2021-25694",
"datePublished": "2021-05-13T12:49:17",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:27.643Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25688 (GCVE-0-2021-25688)
Vulnerability from cvelistv5 – Published: 2021-02-11 15:24 – Updated: 2024-08-03 20:11
VLAI?
Summary
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application logs.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | - PCoIP Standard Agent for Windows - PCoIP Standard Agent for Linux - PCoIP Graphics Agent for Windows - PCoIP Graphics Agent for Linux |
Affected:
Windows prior to 20.10.0, Linux prior to 21.01.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:28.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://advisory.teradici.com/security-advisories/73/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "- PCoIP Standard Agent for Windows - PCoIP Standard Agent for Linux - PCoIP Graphics Agent for Windows - PCoIP Graphics Agent for Linux",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Windows prior to 20.10.0, Linux prior to 21.01.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user\u0027s password in the application logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-11T15:24:19",
"orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"shortName": "Teradici"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://advisory.teradici.com/security-advisories/73/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@teradici.com",
"ID": "CVE-2021-25688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "- PCoIP Standard Agent for Windows - PCoIP Standard Agent for Linux - PCoIP Graphics Agent for Windows - PCoIP Graphics Agent for Linux",
"version": {
"version_data": [
{
"version_value": "Windows prior to 20.10.0, Linux prior to 21.01.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user\u0027s password in the application logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisory.teradici.com/security-advisories/73/",
"refsource": "MISC",
"url": "https://advisory.teradici.com/security-advisories/73/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"assignerShortName": "Teradici",
"cveId": "CVE-2021-25688",
"datePublished": "2021-02-11T15:24:19",
"dateReserved": "2021-01-21T00:00:00",
"dateUpdated": "2024-08-03T20:11:28.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13173 (GCVE-0-2020-13173)
Vulnerability from cvelistv5 – Published: 2020-05-28 21:05 – Updated: 2024-08-04 12:11
VLAI?
Summary
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.
Severity ?
No CVSS data available.
CWE
- Information Disclosure, Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows |
Affected:
19.11.1 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://advisory.teradici.com/security-advisories/55/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "19.11.1 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure, Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-28T21:05:33",
"orgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"shortName": "Teradici"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://advisory.teradici.com/security-advisories/55/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@teradici.com",
"ID": "CVE-2020-13173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows",
"version": {
"version_data": [
{
"version_value": "19.11.1 and earlier"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure, Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://advisory.teradici.com/security-advisories/55/",
"refsource": "CONFIRM",
"url": "https://advisory.teradici.com/security-advisories/55/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ba3c294d-a544-4fff-ad44-2de7c7bbb6be",
"assignerShortName": "Teradici",
"cveId": "CVE-2020-13173",
"datePublished": "2020-05-28T21:05:33",
"dateReserved": "2020-05-19T00:00:00",
"dateUpdated": "2024-08-04T12:11:19.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-20362 (GCVE-0-2019-20362)
Vulnerability from cvelistv5 – Published: 2020-01-08 14:05 – Updated: 2024-08-05 02:39
VLAI?
Summary
In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:39:09.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\\Teradici\\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-08T14:05:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-20362",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\\Teradici\\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier",
"refsource": "MISC",
"url": "https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-20362",
"datePublished": "2020-01-08T14:05:15",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-05T02:39:09.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}