Millions of Endpoints Affected by Critical HP Teradici PCoIP Vulnerabilities

American multinational information technology company HP has issued an advisory for critical security vulnerabilities in the Teradici PCoIP client and agents for Windows, Linux, and macOS, software that runs on some 15 million endpoints.

According to the PC, printer, and supplies maker, Teradici is affected by the recently reported OpenSSL certificate-parsing vulnerability, which sends the parser into an infinite loop (a denial of service), and by several integer overflow bugs in Expat (libexpat).

What Is Teradici PCoIP?

As per Wikipedia, Teradici Corporation was a privately-owned software business founded in 2004, which was purchased by HP Inc. in October 2021.

Teradici originally created the PCoIP (PC over IP) protocol to compress and decompress video and audio for remote access to blade servers, and implemented it in hardware. The technology was later extended to thin clients and zero clients for general Virtual Desktop Infrastructure. Teradici's protocol or hardware is used by HP, Dell Wyse, Amulet Hotkey, Samsung, Amazon Web Services, Fujitsu, and VMware.

As seen on the company’s website, Teradici PCoIP products are used in 15,000,000 endpoints, supporting government agencies, military divisions, game development organizations, broadcast corporations, news outlets, and so on.

The Disclosed Vulnerabilities

In two advisories, HP has disclosed ten security flaws: three are rated critical (CVSS v3 score: 9.8), one medium, and the rest high-severity.

One of the most notable vulnerabilities patched in this release is CVE-2022-0778, a denial-of-service flaw in OpenSSL triggered by parsing a maliciously crafted certificate: the BN_mod_sqrt() routine, used to decompress elliptic-curve points, loops forever when the certificate carries invalid explicit curve parameters.

The flaw makes the affected process hang, and because OpenSSL reaches the loop while parsing the certificate, before its signature is verified, an untrusted peer can trigger it simply by presenting the crafted certificate. Given the product's mission-critical deployments, such an attack would be extremely disruptive, since users would lose remote access to their machines.
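As an added illustration (not Teradici/HP code and not the OpenSSL source), the following inspector reads an X.509 SubjectPublicKeyInfo in DER and reports the encodings that lead a vulnerable OpenSSL into BN_mod_sqrt() during parsing: explicit ECParameters instead of a named curve, and compressed points. Rejecting explicit parameters up front is defensible on its own, since RFC 5480 forbids them in PKIX certificates. The three sample blobs are constructed inline with a tiny DER encoder; the "explicit" sample only has the shape of the trigger (composite field modulus, compressed base point) and is not a verified crash input.

```python
"""Flag EC SubjectPublicKeyInfo encodings that reach OpenSSL's point
decompression path (CVE-2022-0778 territory). Added example; samples are
constructed inline and are not real certificates."""

ID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")    # 1.2.840.10045.2.1
PRIME256V1 = bytes.fromhex("2a8648ce3d030107")        # 1.2.840.10045.3.1.7
PRIME_FIELD = bytes.fromhex("2a8648ce3d0101")         # 1.2.840.10045.1.1
RSA_ENCRYPTION = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1

SEQUENCE, INTEGER, BIT_STRING, OCTET_STRING, OID, NULL = 0x30, 0x02, 0x03, 0x04, 0x06, 0x05


def _der_len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV (only used to build the constructed samples)."""
    return bytes([tag]) + _der_len(len(body)) + body


def _int(n: int) -> bytes:
    # Minimal positive INTEGER encoding (leading 0x00 when the top bit is set).
    return tlv(INTEGER, n.to_bytes(max(1, (n.bit_length() + 8) // 8), "big"))


def read_tlv(buf: bytes, pos: int = 0):
    """Decode the TLV at buf[pos]; return (tag, value, position after it)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length


def read_sequence(buf: bytes) -> list:
    """Split a DER value into its child (tag, value) pairs."""
    items, pos = [], 0
    while pos < len(buf):
        tag, val, pos = read_tlv(buf, pos)
        items.append((tag, val))
    return items


def is_compressed_point(point: bytes) -> bool:
    # SEC 1 encoding: 0x04 uncompressed, 0x02/0x03 compressed (needs a modular sqrt to decode)
    return len(point) > 0 and point[0] in (0x02, 0x03)


def inspect_spki(spki: bytes) -> dict:
    """Classify a SubjectPublicKeyInfo; non-EC keys are reported as not risky."""
    tag, body, _ = read_tlv(spki)
    if tag != SEQUENCE:
        raise ValueError("SubjectPublicKeyInfo must be a SEQUENCE")
    (alg_tag, alg), (key_tag, key_bits) = read_sequence(body)[:2]
    if alg_tag != SEQUENCE or key_tag != BIT_STRING:
        raise ValueError("malformed SubjectPublicKeyInfo")
    alg_items = read_sequence(alg)
    if alg_items[0] != (OID, ID_EC_PUBLIC_KEY):
        return {"ec": False, "explicit_params": False, "compressed_base": False,
                "compressed_key": False, "reject": False}
    params_tag, params = alg_items[1]
    explicit = params_tag == SEQUENCE  # namedCurve is an OID; specifiedCurve is a SEQUENCE
    compressed_base = False
    if explicit:
        # ECParameters ::= SEQUENCE { version, fieldID, curve, base OCTET STRING, order, cofactor }
        fields = read_sequence(params)
        if len(fields) < 5 or fields[3][0] != OCTET_STRING:
            raise ValueError("malformed explicit ECParameters")
        compressed_base = is_compressed_point(fields[3][1])
    compressed_key = is_compressed_point(key_bits[1:])  # skip the unused-bits octet
    # Policy: explicit parameters are forbidden by RFC 5480 and are the only way an
    # untrusted certificate can feed an attacker-chosen field modulus into decompression.
    return {"ec": True, "explicit_params": explicit, "compressed_base": compressed_base,
            "compressed_key": compressed_key, "reject": explicit}


# Constructed samples (placeholder coordinates, not real keys).
NAMED_CURVE_SPKI = tlv(SEQUENCE,
    tlv(SEQUENCE, tlv(OID, ID_EC_PUBLIC_KEY) + tlv(OID, PRIME256V1))
    + tlv(BIT_STRING, b"\x00" + b"\x04" + bytes(64)))          # uncompressed point
EXPLICIT_PARAMS = tlv(SEQUENCE,
    _int(1)                                                     # version
    + tlv(SEQUENCE, tlv(OID, PRIME_FIELD) + _int(9))            # fieldID with p = 9 (composite)
    + tlv(SEQUENCE, tlv(OCTET_STRING, b"\x01") + tlv(OCTET_STRING, b"\x01"))  # curve a, b
    + tlv(OCTET_STRING, b"\x02\x05")                            # base point, compressed
    + _int(7) + _int(1))                                        # order, cofactor
EXPLICIT_SPKI = tlv(SEQUENCE,
    tlv(SEQUENCE, tlv(OID, ID_EC_PUBLIC_KEY) + EXPLICIT_PARAMS)
    + tlv(BIT_STRING, b"\x00\x02\x05"))                         # compressed public point
RSA_SPKI = tlv(SEQUENCE,
    tlv(SEQUENCE, tlv(OID, RSA_ENCRYPTION) + tlv(NULL, b""))
    + tlv(BIT_STRING, b"\x00" + bytes(8)))

if __name__ == "__main__":
    for name, blob in (("named curve", NAMED_CURVE_SPKI), ("explicit", EXPLICIT_SPKI), ("rsa", RSA_SPKI)):
        print(name, inspect_spki(blob))
```

In practice this sits in front of whatever hands certificates to a vulnerable OpenSSL build (a proxy, a gateway, an ingestion pipeline): a `reject` verdict stops the blob before it is parsed at all. It is a stopgap, not a substitute for moving to OpenSSL 1.1.1n or later.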

The three critical flaws, also patched, are CVE-2022-22822, CVE-2022-22823, and CVE-2022-22824: integer overflow bugs in libexpat that can lead to uncontrolled resource consumption, privilege escalation, and remote code execution.

The remaining high-severity flaws are likewise integer overflow and invalid-shift bugs in libexpat, tracked as CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, and CVE-2021-46143.

The PCoIP client, client SDK, Graphics Agent, and Standard Agent for Windows, Linux, and macOS are among the products impacted by the recently disclosed flaws.

What Should Users Do?

To fix all of these issues, update clients and agents to version 22.01.3 or later, which bundles OpenSSL 1.1.1n and libexpat 2.4.7.
