Back

Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability (VA-4021)

Publication date: January 30th, 2020

CVE ID:

CVE-2020-8095

CVSS scrore:

4.9 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H

Affected vendors:

Bitdefender

Affected products:

Bitdefender Total Security 2020

Vulnerability details:

A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to trigger a denial of service on the affected device.

Additional details:

The vulnerability has been fixed in Bitdefender Total Security 2020 version 24.9. A fix was automatically delivered to affected installs.

Credit:

Nabeel Ahmed of Dimension Data Belgium working with Trend Micro Zero Day Initiative