Back
Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability (VA-4021)
Publication date: January 30th, 2020
CVSS scrore:
4.9 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
Affected vendors:
Bitdefender
Affected products:
Bitdefender Total Security 2020
Vulnerability details:
A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to trigger a denial of service on the affected device.
Additional details:
The vulnerability has been fixed in Bitdefender Total Security 2020 version 24.9. A fix was automatically delivered to affected installs.
Credit:
Nabeel Ahmed of Dimension Data Belgium working with Trend Micro Zero Day Initiative
