HIGH✓ PATCH🇬🇧 English

CVE-2021-25695

CVSS 7.8v3.1pub. 2021-07-21upd. 2024-11-21

The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Teradici Pcoip

    APP
    Teradici
    < 21.07.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-25689CRITICAL9.8ten sam vendor

An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...

CVE-2022-1805HIGH8.1ten sam vendor

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified...

CVE-2017-20121HIGH7.8ten sam vendor

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by ...

CVE-2021-25699HIGH7.8ten sam vendor

The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the ...

CVE-2021-25698HIGH7.8ten sam vendor

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the n...