A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product…
Bitdefender·CWE-114·Published 2022-02-18
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions prior to 24.0.26.136. Bitdefender Total Security versions prior to 24.0.26.136.
Una vulnerabilidad de Control de Procesos en ProductAgentUI.exe usado en Bitdefender Antivirus Plus permite a un atacante manipular la configuración del producto por medio de un archivo DLL especialmente diseñado. Este problema afecta a: Bitdefender Antivirus Plus versiones anteriores a 24.0.26.136. Bitdefender Internet Security versiones anteriores a 24.0.26.136. Bitdefender Total Security versiones anteriores a 24.0.26.136
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 4.4 | 3.4 | 6.4 | AV:L/AC:M/Au:N/C:P/I:P/A:P |
| 3.1 | Primary | cve.org | 8.2 | — | — | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 8.2 | — | — | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
| 3.1 | Primary | NVD | 7.8 | 1.8 | 5.9 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | NVD | 8.2 | 1.5 | 6.0 | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |