PT-2020-19945 · Bitdefender · Bitdefender Antivirus Free

Jimmy Bayne

Published

2020-04-21

Updated

2020-04-29

CVE-2020-8099

CVSS v3.1

7.1

High

Vector

AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions Bitdefender Antivirus Free versions prior to 1.0.17

Description A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location.

Recommendations For versions prior to 1.0.17, update to version 1.0.17 or later to resolve the issue. As a temporary workaround, consider restricting access to quarantined files to prevent substitution and restoration to privileged locations.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2020-8099

Affected Products

Bitdefender Antivirus Free

PT-2020-19945 · Bitdefender · Bitdefender Antivirus Free

CVE-2020-8099

Weakness Enumeration

Related Identifiers

Affected Products

References · 4