PT-2019-13556 · Bitdefender · Bitdefender Total Security+3
Published
2019-07-30
·
Updated
2021-07-21
·
CVE-2019-14242
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Bitdefender Endpoint Security Tool versions prior to 6.6.8.115
Bitdefender Antivirus Plus versions prior to 23.0.24.120
Bitdefender Internet Security versions prior to 23.0.24.120
Bitdefender Total Security versions prior to 23.0.24.120
Description
An issue in Bitdefender products for Windows can lead to local code injection. A local attacker with administrator privileges can create a malicious DLL file in %SystemRoot%System32 that will be executed with local user privileges.
Recommendations
For Bitdefender Endpoint Security Tool versions prior to 6.6.8.115, update to version 6.6.8.115 or later.
For Bitdefender Antivirus Plus versions prior to 23.0.24.120, update to version 23.0.24.120 or later.
For Bitdefender Internet Security versions prior to 23.0.24.120, update to version 23.0.24.120 or later.
For Bitdefender Total Security versions prior to 23.0.24.120, update to version 23.0.24.120 or later.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools
Bitdefender Internet Security
Bitdefender Total Security