CVE-2020-13179

2020-08-1118:06:27

CWE-200

Teradici

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.

CNA Affected

[
  {
    "product": "- PCoIP Standard Agent for Windows - PCoIP Graphics Agent for Windows",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "PCoIP Standard Agent for Windows 20.04 and earlier, PCoIP Graphics Agent for Windows 20.04 and earlier"
      }
    ]
  }
]

References

advisory.teradici.com/security-advisories/60/