Back

Process Control vulnerability in Bitdefender Antivirus Plus (VA-8709)

Publication date: February 18th, 2022


CVE ID:
CVE-2020-8107
CVSS scrore:
8.2 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected vendors:
Bitdefender
Affected products:
Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security
Vulnerability details:

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file.

Additional details:
An automatic update to version 24.0.26.136 fixes the issue.
Credit:
김동현 - dsu.kr