Multiple Vulnerabilities in PCoIP Agent for Windows

Advisory Information


Summary

Multiple vulnerabilities have been found in the PCoIP Agent for Windows.

The support bundler for PCoIP Standard Agent for Windows and Graphics Agent for Windows does not use hard-coded paths for certain Windows binaries. An attacker can place their own binaries in the system path, and they will execute with elevated privileges when the support bundler is run.

A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process.


Affected Products

  • PCoIP Standard Agent for Windows 20.04.0 and earlier.
  • PCoIP Graphics Agent for Windows 20.04.0 and earlier.

Solutions and Mitigations

Available Updates

Update to version 20.04.1, 20.07.0 or newer of PCoIP Standard Agent for Windows.

Update to version 20.04.1, 20.07.0 or newer of PCoIP Graphics Agent for Windows.

Workarounds and Mitigation

No workarounds or mitigation techniques exist at this time.

Vulnerability Details

CVE-2020-13177

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows 20.04.1, 20.07.0 and newer does not use hard-coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.
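As an added example (not Teradici code and not part of the original advisory), the following PowerShell audit lists directories on the machine PATH in which a broad, non-administrative group may create files, which is the precondition CVE-2020-13177 depends on. The function name `Get-WritablePathEntry` and the set of well-known SIDs checked are assumptions of this example.

```powershell
# Added audit example (not vendor code). Lists directories on the machine PATH
# in which a broad, non-administrative group is allowed to create files.
function Get-WritablePathEntry {
    param(
        [string]$PathValue = [Environment]::GetEnvironmentVariable('Path', 'Machine')
    )

    # Well-known SIDs, used instead of localized group names (assumed set).
    $lowPriv = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'BUILTIN\Users'
        'S-1-5-4'      = 'INTERACTIVE'
    }
    # FILE_ADD_FILE (0x2), GENERIC_WRITE (0x40000000), GENERIC_ALL (0x10000000)
    $createMask  = 0x2 -bor 0x40000000 -bor 0x10000000
    $inheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly
    $sidType     = [System.Security.Principal.SecurityIdentifier]

    $position = 0
    foreach ($entry in ($PathValue -split ';')) {
        $dir = [Environment]::ExpandEnvironmentVariables($entry.Trim().Trim('"'))
        if (-not $dir) { continue }
        $position++   # search order matters: earlier entries are consulted first
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) { continue }

        $acl = Get-Acl -LiteralPath $dir
        # Request SIDs rather than account names so the check is locale independent.
        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -ne 'Allow') { continue }
            # Inherit-only entries apply to children, not to this directory.
            if (([int]$rule.PropagationFlags -band $inheritOnly) -ne 0) { continue }
            if (-not $lowPriv.ContainsKey($sid)) { continue }
            if (([int]$rule.FileSystemRights -band $createMask) -eq 0) { continue }

            [pscustomobject]@{
                Position  = $position
                Directory = $dir
                Principal = $lowPriv[$sid]
                Rights    = $rule.FileSystemRights
            }
        }
    }
}

Get-WritablePathEntry | Sort-Object Position | Format-Table -AutoSize
```

An empty result means none of the checked groups can create files in any machine PATH directory; any row returned is an ACL to tighten in addition to applying the update listed above.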

CVE-2020-13178

A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows 20.04.1, 20.07.0 and newer does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process.

Remark

Vulnerability classification has been performed using the CVSSv3 scoring system. The CVSS environmental score is specific to each customer’s environment and should be defined by the customer to attain a final scoring.


Additional Resources


Revision History

18 Nov. 2020: Revised CVE numbers and description

4 Aug. 2020: Initial Publication


Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. TERADICI RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.