A vulnerability in free version of Bitdefender Antivirus could be used by intruders to gain system rights in Windows.
These privileges are used at a later stage of an attack, after the hacker has already hacked the victim's computer and needs increased permissions to run malicious code like a paower user.
The vulnerability is identified by the code CVE-2019-15295, and due to the lack of verification of the binaries being loaded (that they are signed and originated from a trusted site).
SafeBreach Labs' Peleg Hadar reports that the Bitdefender service (vsserv.exe) and the updater service (updatesrv.exe) were running as signed SYSTEM permissions.
However, they were trying to load a non-existent DLL file ('RestartWatchDog.dll') into the system path.
One of these sites is 'c: / python27,' which is accompanied by an access control list (ACL from the access control list) that is open to any computer-certified user. This enables privilege scaling because a normal rights user could "write" the missing DLL and load it from the signed Bitdefender processes.
SafeBreach revealed the vulnerability in Bitdefender on 17 July and on 14 August it was repaired by the security company.
On Monday, Bitdefender released an update to Antivirus Free 2020. So if you are using the app, it is best to update immediately.
Recall that iGuRu.gr in partnership with the company offers 6 annual licenses for the Bitdefender Total Security 2020, which can be used for different 5 devices.
- Mercedes has admitted that your car is watching you
- See the Leonardo da Vinci notebook collection for free
- The Windows Notepad 10 application is now available in the Microsoft Store
- Enable Ransomware Protection in Windows Defender
- Bitdefender 2020 upgrades your security and privacy
- Avast 19.7 with Google Analytics tracking enabled