Incomplete validation in detection code in Bitdefender Engines (VA-8589)
CVE-2020-8100

9CRITICAL

Key Information:

Vendor: Bitdefender
Status: Bitdefender Engines
Vendor: CVE Published:; 15 May 2020

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2020-8100?

Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions prior to 7.84063.

Affected Version(s)

Bitdefender Engines < 7.84063

References

https://www.bitdefender.com/support/security-advisories/i...

x_refsource_MISC

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 15, 2020
Vulnerability Reserved
Jan 28, 2020