Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-15294

Summary
Assigner-Bitdefender
Assigner Org ID-b3d5ebe7-963e-41fb-98e1-2edaeabb8f82
Published At-17 Dec, 2020 | 16:50
Updated At-16 Sep, 2024 | 19:40
Rejected At-
Credits

Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Bitdefender
Assigner Org ID:b3d5ebe7-963e-41fb-98e1-2edaeabb8f82
Published At:17 Dec, 2020 | 16:50
Updated At:16 Sep, 2024 | 19:40
Rejected At:
▼CVE Numbering Authority (CNA)
Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.

Affected Products
Vendor
BitdefenderBitdefender
Product
Hypervisor Introspection
Versions
Affected
  • From unspecified before 1.132.2 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-733CWE-733: Compiler Optimization Removal or Modification of Security-critical Code
Type: CWE
CWE ID: CWE-733
Description: CWE-733: Compiler Optimization Removal or Modification of Security-critical Code
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

The issue has been fixed in Introcore 1.132.2.

Configurations
Workarounds
Exploits
Credits
Ilja Van Sprundel from IOActive
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/
x_refsource_MISC
Hyperlink: https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/
x_refsource_MISC
x_transferred
Hyperlink: https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve-requests@bitdefender.com
Published At:17 Dec, 2020 | 17:15
Updated At:22 Dec, 2020 | 20:41

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memory-mapped from the guest space, this may cause a race-condition where the generated code would dereference the same address twice, thus obtaining different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.0HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.4MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.4
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P
CPE Matches
Bitdefender
bitdefender
>>hypervisor_introspection>>Versions before 1.132.2(exclusive)
cpe:2.3:a:bitdefender:hypervisor_introspection:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE-733Secondarycve-requests@bitdefender.com
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-733
Type: Secondary
Source: cve-requests@bitdefender.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/cve-requests@bitdefender.com
Third Party Advisory
Hyperlink: https://www.bitdefender.com/support/security-advisories/compiler-optimization-removal-modification-security-critical-code-vulnerability-bitdefender-hypervisor-introspection-va-9339/
Source: cve-requests@bitdefender.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

14Records found
CVE-2022-0357
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.45%
||
7 Day CHG~0.00%
Published-24 May, 2023 | 07:53
Updated-16 Jan, 2025 | 15:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Quoting Path Issue in Bitdefender Total Security

Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.

Action-Not Available
Vendor-Bitdefender
Product-internet_securitytotal_securityantivirus_plusTotal SecurityInternet SecurityAntivirus Plus
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-4199
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.80%
||
7 Day CHG~0.00%
Published-07 Mar, 2022 | 11:35
Updated-16 Sep, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017)

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.

Action-Not Available
Vendor-Bitdefender
Product-internet_securitytotal_securityendpoint_security_toolsantivirus_plusAntivirus PlusTotal SecurityInternet SecurityEndpoint Security Tools for Windows
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2021-3960
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-7.1||HIGH
EPSS-0.05% / 13.83%
||
7 Day CHG~0.00%
Published-16 Dec, 2021 | 14:40
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-10146)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects Bitdefender GravityZone versions prior to 3.3.8.272

Action-Not Available
Vendor-Bitdefender
Product-gravityzoneGravityZone
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-3579
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.52%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 13:50
Updated-16 Sep, 2024 | 23:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Default Permissions vulnerability in bdservicehost.exe and Vulnerability.Scan.exe

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.

Action-Not Available
Vendor-Bitdefender
Product-total_securityendpoint_security_toolsENdpoint Security Tools for WindowsTotal Security
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-3576
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.14%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 13:50
Updated-17 Sep, 2024 | 03:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation via SeImpersonatePrivilege

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.

Action-Not Available
Vendor-Bitdefender
Product-total_securityendpoint_security_toolsEndpoint Security ToolsTotal Security
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-3423
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.13%
||
7 Day CHG~0.00%
Published-18 May, 2021 | 11:00
Updated-17 Sep, 2024 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation in Bitdefender GravityZone Business Security

Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security allows an attacker to load a third party DLL to elevate privileges. This issue affects Bitdefender GravityZone Business Security versions prior to 6.6.23.329.

Action-Not Available
Vendor-Bitdefender
Product-gravityzone_business_securityGravityZone Business Security
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-11128
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-8.4||HIGH
EPSS-0.03% / 5.82%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 21:49
Updated-11 Feb, 2025 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient Hardened Runtime or Library Validation signing in Bitdefender Virus Scanner for macOS

A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for MacOS may allow .dynamic library injection (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI). This issue is caused by the absence of Hardened Runtime or Library Validation signing. This issue affects Bitdefender Virus Scanner versions before 3.18.

Action-Not Available
Vendor-Bitdefender
Product-virus_scannerVirus Scanner
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-8107
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-8.2||HIGH
EPSS-0.06% / 17.81%
||
7 Day CHG~0.00%
Published-18 Feb, 2022 | 08:20
Updated-16 Sep, 2024 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Process Control vulnerability in Bitdefender Antivirus Plus

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.

Action-Not Available
Vendor-Bitdefender
Product-internet_securitytotal_securityantivirus_plusAntivirus PlusInternet SecurityTotal Security
CWE ID-CWE-114
Process Control
CVE-2020-8097
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-8.1||HIGH
EPSS-0.04% / 11.79%
||
7 Day CHG~0.00%
Published-30 Aug, 2020 | 20:35
Updated-17 Sep, 2024 | 02:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper authentication vulnerability in Bitdefender Endpoint Security Tools and Endpoint Security SDK (VA-8646)

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.

Action-Not Available
Vendor-Bitdefender
Product-endpoint_securityendpoint_security_toolsEndpoint Security SDKEndpoinit Security Tools for Windows
CWE ID-CWE-287
Improper Authentication
CVE-2020-8093
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 28.48%
||
7 Day CHG~0.00%
Published-29 Jan, 2020 | 16:05
Updated-17 Sep, 2024 | 02:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Code Injection into Bitdefender AV for Mac

A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution

Action-Not Available
Vendor-Bitdefender
Product-antivirusBitdefender Antivirus for Mac
CWE ID-CWE-264
Not Available
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2023-6154
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.84%
||
7 Day CHG+0.01%
Published-01 Apr, 2024 | 10:06
Updated-07 Feb, 2025 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation in Bitdefender Total Security (VA-11168)

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114.

Action-Not Available
Vendor-Bitdefender
Product-antivirusantivirus_plustotal_securityinternet_securityAntivirus PlusAntivirus FreeInternet SecurityTotal Securityantivirus_plusinternet_securityantivirustotal_security
CWE ID-CWE-15
External Control of System or Configuration Setting
CWE ID-CWE-610
Externally Controlled Reference to a Resource in Another Sphere
CVE-2019-17100
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-5.2||MEDIUM
EPSS-0.21% / 43.08%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 13:55
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Search Path vulnerability in Bitdefender Total Security 2020 (VA-5895)

An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69.

Action-Not Available
Vendor-Bitdefender
Product-total_security_2020bdserviceshost.exe
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-17099
Matching Score-8
Assigner-Bitdefender
ShareView Details
Matching Score-8
Assigner-Bitdefender
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 47.21%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 17:23
Updated-16 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Search Path vulnerability in EPSecurityService.exe (VA-3500)

An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions prior to 6.6.11.163.

Action-Not Available
Vendor-Bitdefender
Product-endpoint_security_toolsEPSecurityService.exe
CWE ID-CWE-426
Untrusted Search Path
CVE-2019-12612
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.57%
||
7 Day CHG~0.00%
Published-31 Oct, 2019 | 16:02
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that allows an attacker to pass arbitrary code to the BOX appliance via the web API. In order to exploit this vulnerability, an attacker needs presence in Bitdefender BOX setup network and Bitdefender BOX be in setup mode.

Action-Not Available
Vendor-n/aBitdefender
Product-boxbox_firmwaren/a
Details not found