Millions of Endpoints Affected by Critical HP Teradici PCoIP Vulnerabilities
What Should Users Do?
Last updated on April 13, 2022
American multinational information technology company HP has issued an alert regarding new critical security weaknesses in the Teradici PCoIP client and agent for Windows, Linux, and macOS, which affect 15 million endpoints.
According to the personal computers (PCs), printers, and related supplies developer, Teradici is impacted by the recently reported OpenSSL certificate parsing vulnerability that causes an endless denial of service loop and numerous integer overflow bugs in Expat.
What Is Teradici PCoIP?
As per Wikipedia, Teradici Corporation was a privately-owned software business founded in 2004, which was purchased by HP Inc. in October 2021.
Teradici initially created the PCoIP (PC over IP) protocol for compressing and decompressing pictures and audio when remotely accessing blade servers and implemented it in hardware. This technology was later expanded to thin clients/zero clients for general Virtual Desktop Infrastructure. Teradici’s protocol or hardware is used by HP, Dell-Wyse, Amulet Hotkey, Samsung, Amazon Web Services, Fujitsu, and VMware.
As seen on the company’s website, Teradici PCoIP products are used in 15,000,000 endpoints, supporting government agencies, military divisions, game development organizations, broadcast corporations, news outlets, and so on.
The Disclosed Vulnerabilities
In two advisories (1, 2), HP has made public ten security flaws, three of which are classified as critical (CVSS v3 score: 9.8), eight as high-severity, and one as medium.
One of the most notable security vulnerabilities patched at this moment is CVE-2022-0778, a denial of service flaw in OpenSSL caused by parsing a maliciously crafted certificate.
The vulnerability will cause the software to become unresponsive, but given the product’s critical mission applications, such an attack would be extremely disruptive because users will no longer have the ability to remotely access machines.
Another three critical flaws that have also been patched are CVE-2022-22822, CVE-2022-22823, and CVE-2022-22824, all integer overflow and invalid shift problems in libexpat, could cause unmanageable consumption of resources, elevation of privileges, and remote code execution.
The rest of the high-severity flaws are also integer overflow flaws and are identified as CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, and CVE-2021-46143.
The PCoIP client, client SDK, Graphics Agent, and Standard Agent for Windows, Linux, and macOS are among the products impacted by the recently disclosed flaws.
What Should Users Do?
In order to fix all the problems, users are recommended to update to version 22.01.3 or later, which uses OpenSSL 1.1.1n and libexpat 2.4.7.
As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.