CVE-2020-13173

HIGH

Teradici PCoIP <19.11.1 - Privilege Escalation

Title source: llm
STIX 2.1

Description

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://advisory.teradici.com/security-advisories/55/

Scores

CVSS v3 7.8
EPSS 0.0023
EPSS Percentile 13.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (2)
teradici/pcoip_graphics_agent < 19.11.1
teradici/pcoip_standard_agent < 19.11.1
Published May 28, 2020
Tracked Since Feb 18, 2026