CVE-2020-13177 Vulnerability Details

  /     /     /  

CVE-2020-13177 Metadata Quick Info

CVE Published: 11/08/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: Teradici | Vendor: n/a | Product: - PCoIP Standard Agent for Windows - PCoIP Graphics Agent for Windows
Status : PUBLISHED

---

CVE-2020-13177 Description

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-427
CWE Name: Uncontrolled Search Path Element (CWE-427)
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).