Back

Privilege escalation in Bitdefender Antivirus for Mac (VA-3499)

Publication date: January 29th, 2020

CVE ID:

CVE-2020-8092

CVSS scrore:

1.6 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N

Affected vendors:

Bitdefender

Affected products:

Bitdefender Antivirus for Mac

Vulnerability details:

A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud.

Additional details:

The vulnerability has been fixed in Bitdefender Antivirus for Mac version 8.0.0. An automatic update mitigates the issue.

Credit:

Bugcrowd user Bohops