HP publishes a series of critical vulnerabilities in the Teradici PCoIP protocol
The computer and software maker discovered that Teradici is affected by a recently disclosed OpenSSL certificate parsing bug, which causes an infinite loop that leads to denial of service, and by multiple integer overflow vulnerabilities in Expat.
Teradici PCoIP (PC over IP) is a proprietary computing protocol licensed to many virtualization product vendors. HP acquired Teradici in 2021 and has used PCoIP on its products ever since.
According to HP's official website, Teradici PCoIP products are deployed on 15 million endpoints, supporting government agencies, military units, game developers, broadcast corporations, news companies, and others.
In total, HP announced 12 vulnerabilities: 3 rated extremely critical (9.8), 8 critical, and 1 moderate.
One of the most critical vulnerabilities patched this time is CVE-2022-0778. This is a denial of service vulnerability in OpenSSL that is triggered by parsing a maliciously crafted certificate.
Exploiting CVE-2022-0778 sends the software into an infinite loop that leaves it unresponsive. Such an attack would cause disruption because users could no longer access the device remotely.
Other critical vulnerabilities include CVE-2022-22822, CVE-2022-22823 and CVE-2022-22824. All of these are related to integer overflows and invalid conversions in libexpat that could potentially lead to uncontrolled resource consumption, elevated privileges, and remote code execution.
The other five critical integer overflow vulnerabilities are CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, and CVE-2021-46143.
Products affected by these vulnerabilities include PCoIP client, client SDK, Graphics Agent, and Standard Agent for Windows, Linux, and macOS.
Users are advised to update to version 22.01.3 or later, which uses OpenSSL 1.1.1n and libexpat 2.4.7.
HP released the security updates on April 4 and 5, 2022, so if you have updated Teradici since then, you are already protected.
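To check a fleet against the fixed versions named above, the following added example (not from HP or Teradici) compares reported versions with 22.01.3, OpenSSL 1.1.1n and libexpat 2.4.7, handling OpenSSL's letter-suffixed releases, which plain numeric or string comparison gets wrong. The inventory format, host names and installed versions are constructed assumptions.

```python
import re

# Fixed versions as stated in the article above.
FIXED = {"pcoip": "22.01.3", "openssl": "1.1.1n", "libexpat": "2.4.7"}


def parse(version):
    """Split '1.1.1n' into ((1, 1, 1), 'n'); the suffix is '' when absent."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)([a-z]{0,2})", version.strip().lower())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2)


def is_fixed(component, installed):
    """True/False when comparable with the fixed version, None when not."""
    nums, suffix = parse(installed)
    fixed_nums, fixed_suffix = parse(FIXED[component])
    if component == "openssl" and nums != fixed_nums:
        # Another OpenSSL branch (e.g. 3.0.x): the article names no fixed
        # release for it, so report "unknown" instead of guessing.
        return None
    # Letter releases order as '' < 'a' < ... < 'z' < 'za', so compare the
    # suffix by length first, then alphabetically.
    return (nums, len(suffix), suffix) >= (fixed_nums, len(fixed_suffix), fixed_suffix)


def audit(inventory):
    """Map each host to the components not confirmed at a fixed version."""
    findings = {}
    for host, versions in inventory.items():
        open_items = [c for c, v in versions.items() if is_fixed(c, v) is not True]
        if open_items:
            findings[host] = open_items
    return findings


# Constructed sample inventory (hypothetical hosts and installed versions).
SAMPLE = {
    "vdi-agent-01": {"pcoip": "22.01.3", "openssl": "1.1.1n", "libexpat": "2.4.7"},
    "vdi-agent-02": {"pcoip": "21.07.4", "openssl": "1.1.1l", "libexpat": "2.4.1"},
    "thin-client-07": {"pcoip": "22.04.0", "openssl": "3.0.1", "libexpat": "2.4.8"},
}

if __name__ == "__main__":
    for host, items in audit(SAMPLE).items():
        print(f"{host}: review {', '.join(items)}")
```

A `None` result from `is_fixed` is reported alongside the unfixed components, so a host on an OpenSSL branch the article does not cover is flagged for manual review.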