CVE-2020-15731 Local Privilege Escalation in Bitdefender Engines (VA-8953)

An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448...

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...

Vulnerability fixed in Bitdefender Endpoint Security

Bitdefender has fixed an update in Bitdefender Endpoint Security Tools and the Endpoint Security SDK. The vulnerability could potentially be exploited by a malicious party to obtain elevated user privileges and manipulate data. Bitdefender categorizes this vulnerability according to the CVSSv3...

CVE-2020-8097

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools fo...

CVE-2020-8097

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools fo...

Authentication flaw

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools fo...

CVE-2020-8097 Improper authentication vulnerability in Bitdefender Endpoint Security Tools and Endpoint Security SDK (VA-8646)

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools fo...

CVE-2020-8097

CVE-2020-8097 affects Bitdefender Endpoint Security Tools for Windows (pre-6.6.18.261) and Bitdefender Endpoint Security SDK (pre-6.6.18.261). The root cause is improper authentication allowing a local, unprivileged attacker to escalate privileges or tamper with security settings. CVSS data shows...

APT Hackers Exploit Autodesk 3ds Max Software for Industrial Espionage

It's one thing for APT groups to conduct cyber espionage to meet their own financial objectives. But it's an entirely different matter when they are used as "hackers for hire" by competing private companies to make away with confidential information. Bitdefender's Cyber Threat Intelligence Lab...

CVE-2020-8108

Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80...

CVE-2020-8108

Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80...

Authentication flaw

Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80...

CVE-2020-8108

The CVE concerns Bitdefender Endpoint Security for Mac, where an improper authentication flaw lets an unprivileged local process restart the main service and potentially inject third‑party code into a trusted process. Affected versions are Bitdefender Endpoint Security for Mac prior to 4.12.80. T...

CVE-2020-8108 Insufficient client validation in Bitdefender Endpoint Security for Mac (VA-8759)

Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80...

The vulnerability of the cevakrnl.rv0 module in the Bitdefender Engines antivirus engine allows a hacker to trigger a service failure.

The vulnerability of the cevakrnl.rv0 module in the Bitdefender Engines antivirus engine is related to incorrect validation of input data. Exploiting this vulnerability can allow a remote attacker to trigger a service failure by scanning a specially created malicious file...

Bitdefender Total Security Input Validation Error Vulnerability

Bitdefender Total Security is a security solution. An input validation error vulnerability exists in the Safepay browser component in versions prior to Bitdefender Total Security 2020 24.0.20.116. A remote attacker can exploit this vulnerability by running commands inside the Safepay Utility...

CVE-2020-8102

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116...

CVE-2020-8102

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116...

Input validation

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116...

CVE-2020-8102 Insufficient URL sanitization and validation in Safepay Browser (VA-8631)

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116...