Untrusted Search Path Vulnerability in Bitdefender Antivirus Free 2020
CVE-2019-15295

7.8HIGH

Key Information:

Vendor: Bitdefender
Status: Antivirus 2020
Vendor: CVE Published:; 21 August 2019

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2019-15295?

The vulnerability in Bitdefender Antivirus Free 2020 arises from an untrusted search path in the ServiceInstance.dll library. This flaw allows an attacker to exploit the software by loading arbitrary DLL files from the search path, potentially leading to unauthorized access and control over the infected system. Users of versions prior to 1.0.15.138 need to be aware of this risk to ensure their systems remain secure.

References

https://www.bitdefender.com/support/security-advisories/u...

x_refsource_CONFIRM

https://safebreach.com/Post/BitDefender-Antivirus-Free-20...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2019
Vulnerability Reserved
Aug 21, 2019