Back

Improper Handling of Length Parameter Inconsistency vulnerability in Bitdefender Update Server (VA-10144)

Publication date: April 7th, 2022

CVE ID:

CVE-2022-0677

CVSS scrore:

7.5 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected vendors:

Bitdefender

Affected products:

Endpoint Security Tools

Vulnerability details:

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools, Endpoint Security Tools allows an attacker to cause a Denial-of-Service.

This issue affects Bitdefender Update Server versions prior to 3.4.0.276.

Additional details:

An automatic update to version 3.4.0.276 fixes the issue.