← back
CVE-2021-25699

CVE-2021-25699

EPSS 0.4%CWE-426
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Jul 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory.
Affected products
n/a · - PCoIP Standard Agent - PCoIP Graphics Agent - PCoIP Software Client

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://advisory.teradici.com/security-advisories/102/