Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not validate NVENC.dll. An attacker could replace the .dll and redirect pixels elsewhere.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HTeradici Pcoip Graphics Agent
APPTeradici< 21.03
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2020-13173HIGH7.8ten sam produkt
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphic...
CVE-2019-20362HIGH7.8ten sam produkt
In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause exe...
CVE-2021-25688MEDIUM5.5ten sam produkt
Under certain conditions, Teradici PCoIP Agents for Windows prior to version 20.10.0 and Teradici PCoIP Agents...
CVE-2021-25689CRITICAL9.8ten sam vendor
An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...
CVE-2022-1805HIGH8.1ten sam vendor
When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified...