CVE-2020-13177

HIGH

Teradici PCoIP Standard Agent <20.04.1-20.07.0 - Privilege Escalation

Title source: llm
STIX 2.1

Description

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://advisory.teradici.com/security-advisories/60/

Scores

CVSS v3 7.8
EPSS 0.0038
EPSS Percentile 29.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-427
Status published
Products (2)
teradici/graphics_agent < 20.04.1
teradici/pcoip_standard_agent < 20.04.1
Published Aug 11, 2020
Tracked Since Feb 18, 2026