Back

Incomplete validation in detection code in Bitdefender Engines (VA-8589)

Publication date: May 11th, 2020


CVE ID:
CVE-2020-8100
CVSS scrore:
9.0 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected vendors:
Bitdefender
Affected products:
Bitdefender Engines
Vulnerability details:

Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects Bitdefender Engines versions prior to 7.84063.

Additional details:
An automatic update to Bitdefender Engines version 7.84063 fixes the issue.