Back

Untrusted Search Path Vulnerability in High-Level Antimalware SDK for Windows

Publication date: April 7th, 2020


CVE ID:
CVE-2020-8096
CVSS scrore:
6.3 - https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
Affected vendors:
Bitdefender
Affected products:
Bitdefender High-Level Antimalware SDK for Windows
Vulnerability details:

Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path.

Additional details:
An updated version of the High-Level Antimalware SDK for Windows (version 3.0.1.204, delivered ion August 30, 219) fixes the issue.
Credit:
Ander Martinez Sola