PT-2019-3092 · Bitdefender · Bitdefender Antivirus Free 2020+1
Publicado
2019-08-21
·
Atualizado
2019-08-28
·
CVE-2019-15295
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138
ServiceInstance.dll library versions 1.0.15.119 and lower
Description
The issue is related to errors in checking the path of loaded dynamic libraries in the ServiceInstance.dll library of Bitdefender Antivirus Free 2020. Exploitation of this issue may allow an attacker to elevate their privileges. An Untrusted Search Path vulnerability allows an attacker to load an arbitrary DLL file from the search path.
Recommendations
For Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, update to version 1.0.15.138 or later to resolve the issue.
For ServiceInstance.dll library versions 1.0.15.119 and lower, update to a version higher than 1.0.15.119 to resolve the issue.
Correção
Untrusted Search Path
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bitdefender Antivirus Free 2020
Serviceinstance.Dll