First published: Tue Aug 11 2020(Updated: )
The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.
Credit: security@teradici.com
Affected Software | Affected Version | How to fix |
---|---|---|
Teradici Graphics Agent | <20.04.1 | |
Teradici Pcoip Standard Agent | <20.04.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-13177 is a vulnerability in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 that allows an attacker to gain elevated privileges by executing a malicious binary.
The severity of CVE-2020-13177 is high, with a CVSS score of 7.8.
CVE-2020-13177 affects Teradici Graphics Agent versions prior to 20.04.1, allowing attackers to gain elevated privileges.
CVE-2020-13177 affects Teradici PCoIP Standard Agent versions prior to 20.04.1, allowing attackers to gain elevated privileges.
To mitigate the CVE-2020-13177 vulnerability, it is recommended to update Teradici PCoIP Standard Agent and Graphics Agent to versions 20.04.1 or higher.