Security News > 2022 > April > Critical HP Teradici PCoIP flaws impact 15 million endpoints
HP is warning of new critical security vulnerabilities in the Teradici PCoIP client and agent for Windows, Linux, and macOS that impact 15 million endpoints.
Teradici PCoIP is a proprietary remote desktop protocol licensed to many virtualization product vendors, acquired by HP in 2021, and used on its own products since then.
According to the official website, Teradici PCoIP products are deployed in 15,000,000 endpoints, supporting government agencies, military units, game development firms, broadcast corporations, news organizations, etc.
HP has disclosed ten vulnerabilities in two advisories, with three of them carrying critical severity, eight categorized as high-severity, and one medium.
The products affected by the above vulnerabilities include the PCoIP client, client SDK, Graphics Agent, and Standard Agent for Windows, Linux, and macOS. To address all of the issues, users are urged to update to version 22.01.3 or later, which uses OpenSSL 1.1.1n and libexpat 2.4.7.
HP released the security updates on April 4 and 5, 2022, so you are secure if you have already updated Teradici since then.