Security Advisory 062001-02
For PCoIP Zero Clients and Remote Workstation Cards
A set of serious security vulnerabilities has been discovered in Teradici PCoIP Zero Client and Remote Workstation Card Firmware 20.01.1 (released in January 2020) and earlier.
Affected NCS Products
Mobile Zero Clients
Cirrus LT and Cirrus LT Plus
Desktop Zero Clients
Cirrus DT WiFi, Cirrus DT 5220, Cirrus DT TZ-202L, & Cirrus DT TZ-204L
Remote Workstation Cards
Teradici 2-Port and 4-Port Remote Workstation Cards
The above listed NCS products are only affected when installed with Firmware 20.01.1 and earlier. The earlier versions include but may not be limited to:
Zero Client Firmware Versions: 20.01.1; 20.01.0; 6.X.Y; 5.X.Y; 4.X.Y
Remote Workstation Card Firmware Versions: 20.01.1; 20.01.0; 5.X.Y; 4.X.Y
To determine the level of exposure NCS customers should review the list of CVE IDs below:
CVE-2020-11896; CVE-2020-11898; CVE-2020-11900; CVE-2020-11901; CVE-2020-11902; CVE-2020-11904; CVE-2020-11905; CVE-2020-11906; CVE-2020-11907; CVE-2020-11909; CVE-2020-11910; CVE-2020-11911; CVE-2020-11912; CVE-2020-11913; CVE-2020-11914
(Each CVE ID link above refers to NIST site providing more details about the CVE.)
There are three options to get the fix for security vulnerabilities.
Register your PCoIP Zero Clients if you purchased them within the last year and receive one year of updates for free.
Purchase All Access licenses to update to Firmware 20.01.3 / 20.04.1 or later by contacting your NCS Sales Representative.
Use the complimentary Zero Client Firmware 17.05 or Remote Workstation Card Firmware 17.05 now available through December 31, 2020.
Note: Firmware 17.05 is the last complimentary release that Teradici offers and there would only be an update for 17.05 if there is a critical security vulnerability.
Upgrade the Zero Client and Remote Workstation Card Firmware to the recommended firmware revision as soon as possible.
Request Information About the Teradici Security Advisory
Please contact your NCS Sales Representative if you require more specific information about this issue.
Or Fill Out this Form:
Thank you for your interest in the NCS Teradici security advisory. Please fill out the form below and a member of the NCS team will respond to your request!