Vulnerability Description
In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_printing_svc.exe file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Teradici | Pcoip Standard Agent | < 19.08.1 |
| Microsoft | Windows | - |
| Teradici | Pcoip Graphics Agent | < 19.08.1 |
| Teradici | Pcoip Client | < 19.08.3 |
Related Weaknesses (CWE)
References
- https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-Third Party Advisory
- https://help.teradici.com/s/article/unquoted-service-path-vulnerability-windows-Third Party Advisory
FAQ
What is CVE-2019-20362?
CVE-2019-20362 is a vulnerability with a CVSS score of 7.8 (HIGH). In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3, an unquoted service path can cause execution of %PROGRAMFILES(X86)%\Teradici\PCoIP.exe instead of the intended pcoip_vchan_print...
How severe is CVE-2019-20362?
CVE-2019-20362 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-20362?
Check the references section above for vendor advisories and patch information. Affected products include: Teradici Pcoip Standard Agent, Microsoft Windows, Teradici Pcoip Graphics Agent, Teradici Pcoip Client.