Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | bitdefender_antivirus | * |
Race condition in BitDefender Total Security 2010 13.0.20.347 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | bitdefender_total_security_2010 | 13.0.20.347 |
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | comodo_antivirus | 7424 |
| mcafee | scan_engine | 5.400.0.1158 |
| mcafee | gateway | 2010.1c |
| bitdefender | bitdefender | 7.2 |
| f-secure | anti-virus | 9.0.16160.0 |
| aladdin | esafe | 7.0.17.0 |
| sophos | sophos_anti-virus | 4.61.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | comodo_antivirus | 7424 |
| mcafee | gateway | 2010.1c |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| bitdefender | bitdefender | 7.2 |
| authentium | command_antivirus | 5.2.11.5 |
| aladdin | esafe | 7.0.17.0 |
| sophos | sophos_anti-virus | 4.61.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mcafee | gateway | 2010.1c |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| bitdefender | bitdefender | 7.2 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| trendmicro | housecall | 9.120.0.1004 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| authentium | command_antivirus | 5.2.11.5 |
| aladdin | esafe | 7.0.17.0 |
| eset | nod32_antivirus | 5795 |
| avg | avg_anti-virus | 10.0.0.1190 |
| gdata-software | g_data_antivirus | 21 |
| cat | quick_heal | 11.00 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| anti-virus | vba32 | 3.12.14.2 |
| rising-global | rising_antivirus | 22.83.00.03 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| avira | antivir | 7.11.1.163 |
| comodo | comodo_antivirus | 7424 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | scan_engine | 5.400.0.1158 |
| alwil | avast_antivirus | 4.8.1351.0 |
| k7computing | antivirus | 9.77.3565 |
| antiy | avl_sdk | 2.0.3.7 |
| sophos | sophos_anti-virus | 4.61.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| alwil | avast_antivirus | 5.0.677.0 |
| microsoft | security_essentials | 2.0 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| symantec | endpoint_protection | 11.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| virusbuster | virusbuster | 13.6.151.0 |
| clamav | clamav | 0.96.4 |
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mcafee | gateway | 2010.1c |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| bitdefender | bitdefender | 7.2 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| trendmicro | housecall | 9.120.0.1004 |
| authentium | command_antivirus | 5.2.11.5 |
| aladdin | esafe | 7.0.17.0 |
| eset | nod32_antivirus | 5795 |
| avg | avg_anti-virus | 10.0.0.1190 |
| gdata-software | g_data_antivirus | 21 |
| cat | quick_heal | 11.00 |
| anti-virus | vba32 | 3.12.14.2 |
| rising-global | rising_antivirus | 22.83.00.03 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| avira | antivir | 7.11.1.163 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | scan_engine | 5.400.0.1158 |
| alwil | avast_antivirus | 4.8.1351.0 |
| k7computing | antivirus | 9.77.3565 |
| antiy | avl_sdk | 2.0.3.7 |
| alwil | avast_antivirus | 5.0.677.0 |
| microsoft | security_essentials | 2.0 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| symantec | endpoint_protection | 11.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| virusbuster | virusbuster | 13.6.151.0 |
| clamav | clamav | 0.96.4 |
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mcafee | gateway | 2010.1c |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| bitdefender | bitdefender | 7.2 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| trendmicro | housecall | 9.120.0.1004 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| authentium | command_antivirus | 5.2.11.5 |
| eset | nod32_antivirus | 5795 |
| avg | avg_anti-virus | 10.0.0.1190 |
| gdata-software | g_data_antivirus | 21 |
| cat | quick_heal | 11.00 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| anti-virus | vba32 | 3.12.14.2 |
| rising-global | rising_antivirus | 22.83.00.03 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| avira | antivir | 7.11.1.163 |
| comodo | comodo_antivirus | 7424 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | scan_engine | 5.400.0.1158 |
| alwil | avast_antivirus | 4.8.1351.0 |
| k7computing | antivirus | 9.77.3565 |
| antiy | avl_sdk | 2.0.3.7 |
| sophos | sophos_anti-virus | 4.61.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| alwil | avast_antivirus | 5.0.677.0 |
| microsoft | security_essentials | 2.0 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| symantec | endpoint_protection | 11.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| virusbuster | virusbuster | 13.6.151.0 |
| clamav | clamav | 0.96.4 |
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jiangmin | jiangmin_antivirus | 13.0.900 |
| mcafee | scan_engine | 5.400.0.1158 |
| mcafee | gateway | 2010.1c |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| bitdefender | bitdefender | 7.2 |
| k7computing | antivirus | 9.77.3565 |
| trendmicro | housecall | 9.120.0.1004 |
| authentium | command_antivirus | 5.2.11.5 |
| sophos | sophos_anti-virus | 4.61.0 |
| eset | nod32_antivirus | 5795 |
| avg | avg_anti-virus | 10.0.0.1190 |
| symantec | endpoint_protection | 11.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| anti-virus | vba32 | 3.12.14.2 |
| rising-global | rising_antivirus | 22.83.00.03 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| comodo | comodo_antivirus | 7424 |
| mcafee | scan_engine | 5.400.0.1158 |
| bitdefender | bitdefender | 7.2 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| authentium | command_antivirus | 5.2.11.5 |
| aladdin | esafe | 7.0.17.0 |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| cat | quick_heal | 11.00 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
Multiple directory traversal vulnerabilities in Bitdefender GravityZone before 5.1.11.432 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the id parameter to webservice/CORE/downloadFullKitEpc/a/1 in the Web Console or (2) %2E%2E (encoded dot dot) in the default URI to port 7074 on the Update Server.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within processing of the 0x8000E038 IOCTL in the bdfwfpf driver. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker could leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-4776.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-415,CWE-415,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | 21.0.24.62 |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within pdf.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-4361.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security_2018 | * |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5101.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security_2018 | * |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within emulator 0x10A in cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5102.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-190,CWE-190,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security_2018 | * |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security 2018. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within emulator 0x102 in cevakrnl.xmd. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of SYSTEM. Was ZDI-CAN-5116.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-787,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security_2018 | * |
Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a "DoubleAgent" attack. One perspective on this issue is that (1) these products do not use the Protected Processes feature, and therefore an attacker can enter an arbitrary Application Verifier Provider DLL under Image File Execution Options in the registry; (2) the self-protection mechanism is intended to block all local processes (regardless of privileges) from modifying Image File Execution Options for these products; and (3) this mechanism can be bypassed by an attacker who temporarily renames Image File Execution Options during the attack.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus_plus | * |
Bitdefender GravityZone VMware appliance before 6.2.1-35 might allow attackers to gain access with root privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-369,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | scan_engines | * |
An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | scan_engines | * |
An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | scan_engines | * |
BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". Ensures full access to Everyone users group.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | 2018 |
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-347,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | - |
An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the miniupnpd component to crash or to trigger a device reboot.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.4 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H | 0.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-770,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_firmware | * |
An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefender BOX be in setup mode.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_firmware | * |
An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and Bitdefender Antivirus Plus, Bitdefender Internet Security, and Bitdefender Total Security versions prior to 23.0.24.120) that can lead to local code injection. A local attacker with administrator privileges can create a malicious DLL file in %SystemRoot%\System32\ that will be executed with local user privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security_tool | * |
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus_plus | * |
An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus_2020 | * |
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In order to exploit the condition, an unauthenticated attacker should impersonate a infrastructure server to trigger this vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 1.4 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_2_firmware | 2.1.47.42 |
| bitdefender | box_2_firmware | 2.1.53.45 |
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve-requests@bitdefender.com | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | central | * |
| bitdefender | box_2_firmware | - |
An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions prior to 6.6.11.163.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L | 0.6 | 4.7 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security_tools | * |
An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 5.2 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L | 1.1 | 3.7 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H | 0.6 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security_2020 | * |
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands. This issue affects: Bitdefender Bitdefender BOX 2 versions prior to 2.1.47.36.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
| cve-requests@bitdefender.com | 8.3 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 1.6 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-413,CWE-367,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_2_firmware | * |
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories. This issue affects: Bitdefender AV for Mac versions prior to 8.0.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| cve-requests@bitdefender.com | 4.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N | 0.5 | 4.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-276,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus | * |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of tiscript. When processing the System.Exec method the application does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7234.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-356,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | safepay | 23.0.10.34 |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIScript. The issue lies in the handling of the openFile method, which allows for an arbitrary file write with attacker controlled data. An attacker can leverage this vulnerability execute code in the context of the current process. Was ZDI-CAN-7247.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-356,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | safepay | 23.0.10.34 |
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay 23.0.10.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIScript. When processing the launch method the application does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability execute code in the context of the current process. Was ZDI-CAN-7250.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-356,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | safepay | 23.0.10.34 |
An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
| cve-requests@bitdefender.com | 4.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 2.5 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security_tools | * |
Lack of validation on data read from guest memory in IntPeGetDirectory, IntPeParseUnwindData, IntLogExceptionRecord, IntKsymExpandSymbol and IntLixTaskDumpTree may lead to out-of-bounds read or it could cause DoS due to integer-overflor (IntPeGetDirectory), TOCTOU (IntPeParseUnwindData) or insufficient validations.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | hypervisor_introspection | * |
Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | hypervisor_introspection | 1.132.2 |
Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
| cve-requests@bitdefender.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-733,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | hypervisor_introspection | * |
Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions prior to 6.6.20.294 allows an unprivileged attacker to bypass the in-place mitigations and interact with hosts on the network. This issue affects: Bitdefender Update Server versions prior to 6.6.20.294.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 3.9 | 5.2 |
| cve-requests@bitdefender.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.5 | 4.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-918,CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | update_server | * |
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.6 | LOW | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N | 1.8 | 1.4 |
| cve-requests@bitdefender.com | 3.2 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N | 1.5 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | engines | * |
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefender Total Security versions prior to 25.0.7.29. Bitdefender Internet Security versions prior to 25.0.7.29. Bitdefender Antivirus Plus versions prior to 25.0.7.29.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
| cve-requests@bitdefender.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-295,CWE-295,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus_plus | * |
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus Plus versions prior to 25.0.7.29.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-346,CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus_plus | * |
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directories. This issue affects: Bitdefender Safepay versions prior to 25.0.7.29.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
| cve-requests@bitdefender.com | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-346,CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | safepay | * |
A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. This issue affects: Bitdefender Bitdefender Antivirus for Mac versions prior to 8.0.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 1.6 | LOW | CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N | 0.1 | 1.4 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus | * |
A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus | * |
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free 2020 allows a low-privilege attacker to execute code as SYSTEM via a specially crafted DLL file.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus_2020 | * |
A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 4.9 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H | 0.5 | 4.0 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security_2020 | * |
Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK for Windows versions prior to 3.0.1.204 .
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L | 2.0 | 3.7 |
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.8 | 3.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antimalware_software_development_kit | * |
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H | 1.5 | 6.0 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security | * |
| bitdefender | endpoint_security_tools | * |
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free versions prior to 1.0.17.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.1 | HIGH | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L | 0.5 | 6.0 |
| nvd@nist.gov | 6.2 | MEDIUM | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L | 0.7 | 5.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus_2020 | * |
Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions prior to 7.84063.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve-requests@bitdefender.com | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | engines | * |
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
| cve-requests@bitdefender.com | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security_2020 | * |
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 1.0.17.178.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
| cve-requests@bitdefender.com | 7.2 | HIGH | CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H | 0.5 | 6.0 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus_2020 | * |
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-114,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus_plus | * |
Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H | 2.0 | 6.0 |
| cve-requests@bitdefender.com | 8.2 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H | 1.5 | 6.0 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security | * |
A vulnerability has been discovered in the ace.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. This can result in denial-of-service. This issue affects: Bitdefender Engines version 7.84892 and prior versions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| cve-requests@bitdefender.com | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | engines | * |
A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. This can lead to denial-of-service. This issue affects: Bitdefender Engines version 7.84897 and prior versions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H | 2.2 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-824,CWE-824,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | engines | * |
Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H | 1.1 | 6.0 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone_business_security | * |
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.4 | MEDIUM | CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.5 | 5.9 |
| nvd@nist.gov | 6.6 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.7 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-494,CWE-494,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security_tools | * |
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender GravityZone 6.24.1-1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
| cve-requests@bitdefender.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-918,CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | 6.24.1-1 |
| bitdefender | endpoint_security_tools | * |
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an attacker to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint for Linux versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N | 1.6 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-918,CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | 6.24.1-1 |
| bitdefender | endpoint_security_tools | * |
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H | 2.2 | 6.0 |
| nvd@nist.gov | 10.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H | 3.9 | 6.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-284,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | 6.24.1-1 |
| bitdefender | gravityzone | * |
| bitdefender | endpoint_security_tools | * |
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-250,CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
| bitdefender | endpoint_security_tools | * |
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
| bitdefender | endpoint_security_tools | * |
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
| cve-requests@bitdefender.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve-requests@bitdefender.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.5 | 4.0 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions prior to 3.3.8.272
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.2 | 4.0 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-918,CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects Bitdefender GravityZone versions prior to 3.3.8.272
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | 2.5 | 4.0 |
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H | 1.8 | 4.2 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-476,CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | vpn_standalone | * |
| bitdefender | antivirus_plus | * |
| bitdefender | endpoint_security_tools | * |
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
| cve-requests@bitdefender.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-732,CWE-732,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus_plus | * |
| bitdefender | endpoint_security_tools | * |
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus_plus | * |
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Bitdefender GravityZone versions prior to 26.4-1. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-130,NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
| bitdefender | update_server | * |
| bitdefender | endpoint_security_tools | * |
Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows an attacker to pass unsafe commands to the environment. This issue affects: Bitdefender GravityZone Console On-Premise versions prior to 6.29.2-1. Bitdefender GravityZone Cloud Console versions prior to 6.27.2-2.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
| cve-requests@bitdefender.com | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It also affects Bitdefender Antivirus Free, Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security, as well as Bitdefender Endpoint Security Tools for Windows with engine versions prior to 7.92659.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.6 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | 1.8 | 6.0 |
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | engines | * |
An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitdefender Engines version 7.94791 and lower.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | engines | * |
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5 and SHA1 collision hash functions which allow attackers to create rogue certificates that appear legitimate.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant to be an "End Entity”. This flaw could allow an attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and potentially altering communications between the user and the website.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product does not verify the certificate's compliance with the site, deeming such certificates as valid. This flaw could allow an attacker to perform a Man-in-the-Middle (MITM) attack, intercepting and potentially altering communications between the user and the website.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to establish MITM SSL connections to arbitrary sites.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL connections to arbitrary sites using a DSA-signed certificate.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the certificate for subsequent HTTPS scans. This vulnerability allows an attacker to perform a Man-in-the-Middle (MITM) attack by using a self-signed certificate, which the product will trust after the site has been added to exceptions. This can lead to the interception and potential alteration of secure communications.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | total_security | * |
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | antivirus | 27.0.25.114 |
| bitdefender | total_security | 27.0.25.114 |
| bitdefender | antivirus_plus | 27.0.25.114 |
| bitdefender | internet_security | 27.0.25.114 |
A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for MacOS may allow .dynamic library injection (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI). This issue is caused by the absence of Hardened Runtime or Library Validation signing. This issue affects Bitdefender Virus Scanner versions before 3.18.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | virus_scanner | * |
An improper access control vulnerability exists in Bitdefender Box 1 (firmware version 1.3.52.928 and below) that allows an unauthenticated attacker to downgrade the device's firmware to an older, potentially vulnerable version of a Bitdefender-signed firmware. The attack requires Bitdefender BOX to be booted in Recovery Mode and that the attacker be present within the WiFi range of the BOX unit.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.7 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N | 2.1 | 3.6 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_firmware | * |
A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of Bitdefender Box 1 (firmware version 1.3.11.490). This flaw allows an unauthenticated, network-adjacent attacker to execute arbitrary commands on the device, potentially leading to full remote code execution (RCE).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_firmware | 1.3.11.490 |
Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /set_temp_token API method. Then, an unauthenticated and network-adjacent attacker can use man-in-the-middle (MITM) techniques to return malicious responses. Restarted daemons that use malicious assets can then be exploited for remote code execution on the device.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 1.6 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | box_firmware | * |
An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux version 7.0.5.200089 Bitdefender Endpoint Security for Windows version 7.9.9.380 GravityZone Control Center (On Premises) version 6.36.1
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security | 7.0.5.200089 |
| bitdefender | endpoint_security | 7.9.9.380 |
| bitdefender | gravityzone_control_center | 6.36.1 |
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux version 7.0.5.200089 Bitdefender Endpoint Security for Windows version 7.9.9.380 GravityZone Control Center (On Premises) version 6.36.1
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security | 7.0.5.200089 |
| bitdefender | endpoint_security | 7.9.9.380 |
| bitdefender | gravityzone_control_center | 6.36.1 |
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-2 that are running only on premise.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| cve-requests@bitdefender.com | 8.1 | HIGH | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | 2.2 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. This issue only affects GravityZone Console versions before 6.38.1-5 running only on premise.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
A Cross-Site Scripting (XSS) vulnerability has been identified in Psono-Client’s handling of vault entries of type website_password and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious vault entry (or trick a user into creating or importing one) with a javascript:URL. When the user interacts with this entry (for example, by clicking or opening it), the application will execute the malicious JavaScript in the context of the Psono vault. This allows an attacker to run arbitrary code in the victim’s browser, potentially giving them access to the user’s password vault and sensitive data.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| esaqa | psono_client | * |
| bitdefender | securepass | * |
A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an attacker to bypass input validation logic using leading characters in DNS requests. Paired with other potential vulnerabilities, this bypass could be used for execution of third party code. This issue affects GravityZone Console: before 6.41.2.1.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
A vulnerability in the sendMailFromRemoteSource method in Emails.php as used in Bitdefender GravityZone Console unsafely uses php unserialize() on user-supplied input without validation. By crafting a malicious serialized payload, an attacker can trigger PHP object injection, perform a file write, and gain arbitrary command execution on the host system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone | * |
A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component on port 7074 uses a domain allowlist to restrict outbound requests, but fails to properly sanitize hostnames containing null-byte (%00) sequences. By crafting a request to a domain such as evil.com%00.bitdefender.com, an attacker can bypass the allowlist check, causing the proxy to forward requests to arbitrary external or internal systems.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N | 3.9 | 1.4 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | gravityzone_update_server | * |
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac (BEST) before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the application directory (/Applications/Endpoint Security for Mac.app/) and the related directories within /Library/Bitdefender/AVP without needing the uninstall password.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | endpoint_security | * |
A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic link validation, enabling arbitrary file deletion. This issue is chained with a file copy operation during network events and a filter driver bypass via DLL injection to achieve arbitrary file copy and code execution as elevated user.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| bitdefender | internet_security | * |
| bitdefender | total_security | * |
| bitdefender | antivirus | * |
| bitdefender | antivirus_plus | * |
| bitdefender | endpoint_security_tools | * |