HIGH✓ PATCH🇬🇧 English

CVE-2021-25698

CVSS 7.8v3.1pub. 2021-07-21upd. 2024-11-21

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Teradici Pcoip Standard Agent

    APP
    Teradici
    < 21.07.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2020-13177HIGH7.8ten sam produkt

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior...

CVE-2020-13173HIGH7.8ten sam produkt

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphic...

CVE-2019-20362HIGH7.8ten sam produkt

In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause exe...

CVE-2021-25688MEDIUM5.5ten sam produkt

Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents...

CVE-2020-13178MEDIUM6.7ten sam produkt

A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20...