HIGH🇵🇱 Wersja polska

CVE-2020-8097

CVSS 8.1v3.1pub. 2020-08-30upd. 2024-11-21

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H
  • Bitdefender Endpoint Security

    APP
    Bitdefender
    < 6.6.18.261
  • Bitdefender Endpoint Security Tools

    APP
    Bitdefender
    < 6.6.18.261
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPEAuth Bypass
CWE
References

Related vulnerabilities

CVE-2021-3554CRITICAL9.0ten sam produkt

Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security...

CVE-2025-7073HIGH8.8ten sam produkt

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows ...

CVE-2024-2224HIGH8.1ten sam produkt

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in the UpdateServ...

CVE-2024-2223HIGH8.1ten sam produkt

An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to c...

CVE-2022-0677HIGH7.5ten sam produkt

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefende...