Get-task-allow entitlement via BDLDaemon on macOS
CVE-2019-17103

4.9MEDIUM

Key Information:

Vendor: Bitdefender
Status: Bitdefender Av For Mac
Vendor: CVE Published:; 27 January 2020

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2019-17103?

An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories. This issue affects: Bitdefender AV for Mac versions prior to 8.0.0.

Affected Version(s)

Bitdefender AV for Mac < 8.0.0

References

https://www.bitdefender.com/support/security-advisories/g...

x_refsource_MISC

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2020
Vulnerability Reserved
Oct 2, 2019

Credit

Bugcrowd user Bohops