cbcvebase.
CVE-2020-8097
published 2020-08-30

CVE-2020-8097: An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local…

PriorityP339high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.40%
31.8th percentile
An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.18.261. Bitdefender Endpoint Security SDK versions prior to 6.6.18.261.

Affected

4 ranges
VendorProductVersion rangeFixed in
bitdefenderendpoinit_security_tools_for_windows>= unspecified < 6.6.18.2616.6.18.261
bitdefenderendpoint_security< 6.6.18.2616.6.18.261
bitdefenderendpoint_security_sdk>= unspecified < 6.6.18.2616.6.18.261
bitdefenderendpoint_security_tools< 6.6.18.2616.6.18.261

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat6.7MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.