CVE-2020-8099: Link Resolution Privilege Escalation Vulnerability in Bitdefender Antivirus Free (VA-8387)
First published: Tue Apr 21 2020(Updated: )
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free versions prior to 1.0.17.
Credit: cve-requests@bitdefender.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bitdefender Antivirus 2020 | <1.0.17 |
Remedy
An automated update to version 1.0.17 or higher fixes the issue.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-8099.
What is the title of this vulnerability?
The title of this vulnerability is 'A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location.'
Which versions of Bitdefender Antivirus Free are affected?
Bitdefender Antivirus Free versions prior to 1.0.17 are affected.
How severe is this vulnerability?
This vulnerability has a severity rating of 6.2 (High).
How can I fix this vulnerability?
To fix this vulnerability, you should update Bitdefender Antivirus Free to version 1.0.17 or later.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/remedy
- agent/references
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/tags
- vendor/bitdefender
- canonical/bitdefender antivirus 2020