CVE-2020-13178 — MEDIUM (6.7)

Q: How severe is CVE-2020-13178?

CVE-2020-13178 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2020-13178?

Check the references section above for vendor advisories and patch information. Affected products include: Teradici Graphics Agent, Teradici Pcoip Standard Agent.

Vulnerability Description

A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process.

CVSS Score

6.7

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Teradici	Graphics Agent	< 20.04.1
Teradici	Pcoip Standard Agent	< 20.04.1

Related Weaknesses (CWE)

CWE-345

References

https://advisory.teradici.com/security-advisories/60/Vendor Advisory
https://advisory.teradici.com/security-advisories/60/Vendor Advisory

FAQ

What is CVE-2020-13178?

CVE-2020-13178 is a vulnerability with a CVSS score of 6.7 (MEDIUM). A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an...

How severe is CVE-2020-13178?

CVE-2020-13178 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-13178?

Check the references section above for vendor advisories and patch information. Affected products include: Teradici Graphics Agent, Teradici Pcoip Standard Agent.