HIGHβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2021-25699

CVSS 7.8v3.1pub. 2021-07-21upd. 2024-11-21

The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Teradici Pcoip Client

    APP
    Teradici
    < 21.07.0
🟒
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2019-20362HIGH7.8ten sam produkt

In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause exe...

CVE-2021-25701MEDIUM5.5ten sam produkt

The fUSBHub driver in the PCoIP Software Client prior to version 21.07.0 had an error in object management dur...

CVE-2021-25689CRITICAL9.8ten sam vendor

An out of bounds write in Teradici PCoIP soft client versions prior to version 20.10.1 could allow an attacker...

CVE-2022-1805HIGH8.1ten sam vendor

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified...

CVE-2017-20121HIGH7.8ten sam vendor

A vulnerability was found in Teradici Management Console 2.2.0. It has been declared as critical. Affected by ...

CVE-2021-25699 β€” Teradici β€” Pcoip Client β€” HIGH β€” CVSS 7.8 | CVEbaza.pl