Millions of Endpoints Affected by Critical HP Teradici PCoIP Vulnerabilities

American multinational information technology company HP has issued an alert regarding new critical security weaknesses in the Teradici PCoIP client and agent for Windows, Linux, and macOS, which affect 15 million endpoints.

According to the personal computers (PCs), printers, and related supplies developer, Teradici is impacted by the recently reported OpenSSL certificate parsing vulnerability that causes an endless denial of service loop and numerous integer overflow bugs in Expat.

What Is Teradici PCoIP?

As per Wikipedia, Teradici Corporation was a privately-owned software business founded in 2004, which was purchased by HP Inc. in October 2021.

Teradici initially created the PCoIP (PC over IP) protocol for compressing and decompressing pictures and audio when remotely accessing blade servers and implemented it in hardware. This technology was later expanded to thin clients/zero clients for general Virtual Desktop Infrastructure. Teradici’s protocol or hardware is used by HP, Dell-Wyse, Amulet Hotkey, Samsung, Amazon Web Services, Fujitsu, and VMware.

As seen on the company’s website, Teradici PCoIP products are used in 15,000,000 endpoints, supporting government agencies, military divisions, game development organizations, broadcast corporations, news outlets, and so on.

The Disclosed Vulnerabilities

In two advisories (12), HP has made public ten security flaws, three of which are

Read More: https://heimdalsecurity.com/blog/millions-of-endpoints-affected-by-critical-hp-teradici-pcoip-vulnerabilities/