Latest Teradici Vulnerabilities

CVE-2017-20121
A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Database Management. The m...
Teradici PCoIP Management Console=2.2.0
CVE-2021-25701
The fUSBHub driver in the PCoIP Software Client prior to version 21.07.0 had an error in object management during the handling of a variety of IOCTLs, which allowed an attacker to cause a denial of se...
Teradici Pcoip Client<21.07.0
CVE-2021-25699
The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the r...
Teradici Pcoip Client<21.07.0
CVE-2021-25695
The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program exe...
Teradici Pcoip<21.07.0
CVE-2021-35451
In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenticated user can inject arbitrary text into user browser via the Web application.
Teradici PCoIP Management Console=20.07.0
CVE-2021-25693
An attacker may cause a Denial of Service (DoS) in multiple versions of Teradici PCoIP Agent via a null pointer dereference.
>=20.10<20.10.6
>=21.01<21.01.5
>=21.03<21.03.1
CVE-2021-25694
Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.
Teradici Pcoip Graphics Agent<21.03
CVE-2021-25692
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3.
Teradici Pcoip Connection Manager And Security Gateway>=20.07<20.07.1
Teradici Pcoip Connection Manager And Security Gateway>=21.01<21.01.3
CVE-2021-25690
A null pointer dereference in Teradici PCoIP Soft Client versions prior to 20.07.3 could allow an attacker to crash the software.
Teradici Pcoip Soft Client<=20.07.2
Teradici Pcoip Soft Client<=20.07.2
Teradici Pcoip Soft Client<=20.07.2
CVE-2021-25689
An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker to remotely execute code.
Teradici Pcoip Soft Client<=20.10.0
Teradici Pcoip Soft Client<=20.10.0
Teradici Pcoip Soft Client<=20.10.0
CVE-2021-25688
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents for Linux prior to version 21.01.0 may log parts of a user's password in the application ...
Teradici Pcoip Graphics Agent<20.10.0
Teradici Pcoip Graphics Agent<21.01.0
Teradici Pcoip Standard Agent<20.10.0
Teradici Pcoip Standard Agent<21.01.0
CVE-2020-13185
Certain web application pages in the authenticated section of the Teradici Cloud Access Connector prior to v18 were accessible without the need to specify authentication tokens, which allowed an attac...
Teradici Cloud Access Connector<18
CVE-2020-13183
Reflected Cross Site Scripting in Teradici PCoIP Management Console prior to 20.07 could allow an attacker to take over the user's active session if the user is exposed to a malicious payload.
Teradici PCoIP Management Console<20.07
CVE-2020-13179
Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confident...
Teradici Graphics Agent<20.04.1
Teradici Pcoip Standard Agent<20.04.1
CVE-2020-13177
The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which ...
Teradici Graphics Agent<20.04.1
Teradici Pcoip Standard Agent<20.04.1
CVE-2020-13174
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicio...
Teradici PCoIP Management Console=20.01.1
Teradici PCoIP Management Console=20.04
CVE-2020-13178
A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an...
Teradici Graphics Agent<20.04.1
Teradici Pcoip Standard Agent<20.04.1
CVE-2020-13176
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 (v16 and earlier for the Cloud Access Connector) contains a store...
Teradici Cloud Access Connector<=16
Teradici Cloud Access Connector Legacy<2020-04-24
CVE-2020-13175
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local fil...
Teradici Cloud Access Connector<=15
Teradici Cloud Access Connector Legacy<2020-04-20
CVE-2020-13173
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which all...
Teradici Pcoip Graphics Agent<=19.11.1
Teradici Pcoip Standard Agent<=19.11.1
CVE-2020-10965
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when th...
Teradici PCoIP Management Console=19.11.1
Teradici PCoIP Management Console=20.01.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203