Design/Logic Flaw

2020-01-0815:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file.

CPENameOperatorVersion
pcoip_clientlt19.08.3
pcoip_graphics_agentlt19.08.1
pcoip_standard_agentlt19.08.1

Name	Operator	Version
pcoip_client	lt	19.08.3
pcoip_graphics_agent	lt	19.08.1
pcoip_standard_agent	lt	19.08.1

References

help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-agent-client-19-08-earlier