HIGH✓ PATCH🇬🇧 English

CVE-2021-25694

CVSS 7.8v3.1pub. 2021-05-13upd. 2024-11-21

Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Teradici Pcoip Graphics Agent

    APP
    Teradici
    < 21.03
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-13173HIGH7.8ten sam produkt

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphic...

CVE-2019-20362HIGH7.8ten sam produkt

In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause exe...

CVE-2021-25688MEDIUM5.5ten sam produkt

Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents...

CVE-2021-25689CRITICAL9.8ten sam vendor

An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...

CVE-2022-1805HIGH8.1ten sam vendor

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified...