CVE-2020-13173

2020-05-2821:05:33

Teradici

www.cve.org

7.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.

CNA Affected

[
  {
    "product": "PCoIP Standard Agent for Windows, PCoIP Graphics Agent for Windows",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "19.11.1 and earlier"
      }
    ]
  }
]

References

advisory.teradici.com/security-advisories/55/