PT-2020-19947 · Bitdefender · Bitdefender Antivirus Free

Ilias Dimopoulos

Published

2020-06-05

Updated

2020-06-12

CVE-2020-8103

CVSS v3.1

7.2

High

Vector

AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Bitdefender Antivirus Free versions prior to 1.0.17.178

Description A vulnerability in the improper handling of symbolic links can allow an unprivileged user to substitute a quarantined file and restore it to a privileged location.

Recommendations For versions prior to 1.0.17.178, update to version 1.0.17.178 or later to resolve the issue. As a temporary workaround, consider restricting access to quarantined files to prevent potential exploitation.

Exploit

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2020-8103

Affected Products

Bitdefender Antivirus Free

PT-2020-19947 · Bitdefender · Bitdefender Antivirus Free

CVE-2020-8103

Weakness Enumeration

Related Identifiers

Affected Products

References · 5