PT-2020-2805 · Bitdefender · Bitdefender Engines

Published

2020-05-15

Updated

2020-05-19

CVE-2020-8100

CVSS v3.1

9.0

Critical

Vector

AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Bitdefender Engines versions prior to 7.84063

Description The issue is related to an Improper Input Validation vulnerability in the cevakrnl.rv0 module. This vulnerability allows an attacker to trigger a denial of service by scanning a specially-crafted sample. The exploitation of this vulnerability can be done remotely.

Recommendations For versions prior to 7.84063, update to version 7.84063 or later to resolve the issue. As a temporary workaround, consider restricting the use of the cevakrnl.rv0 module until a patch is available.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2020-02933

CVE-2020-8100

Affected Products

Bitdefender Engines

PT-2020-2805 · Bitdefender · Bitdefender Engines

CVE-2020-8100

Weakness Enumeration

Related Identifiers

Affected Products

References · 5