Back
Process Control vulnerability in Bitdefender Antivirus Plus (VA-8709)
Publication date: February 18th, 2022
CVSS scrore:
8.2 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Affected vendors:
Bitdefender
Affected products:
Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security
Vulnerability details:
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file.
Additional details:
An automatic update to version 24.0.26.136 fixes the issue.