Vulnerabilities > CVE-2020-8107 - Unspecified vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

bitdefender

NVD

Published: 2022-02-18

Updated: 2022-02-25

Summary

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.

Vulnerable Configurations

Part	Description	Count
Application	Bitdefender Bitdefender Total Security - Bitdefender Total Security 7.2.1.65 Bitdefender Total Security 12.0 Bitdefender Total Security 21.0.24.62 Bitdefender Total Security 23.0.24.120 Bitdefender Internet Security - Bitdefender Internet Security 12.0 Bitdefender Internet Security 23.0.24.120 Bitdefender Antivirus Plus - Bitdefender Antivirus Plus 12.0 Bitdefender Antivirus Plus 23.0.24.120	11

References

https://www.bitdefender.com/support/security-advisories/process-control-vulnerability-bitdefender-antivirus-plus-va-8709/