CVE-2021-25698

Summary

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory.

Affected Software

VendorProductVersion RangeStatus
n/a- PCoIP Standard Agent - PCoIP Graphics Agent - PCoIP Software Client21.07.0affected

Weaknesses

  • CWE-426: Untrusted Search Path (CWE-426)

ADP Enrichment

CVE Program Container

Additional References

References