CyberSec.Space Logo
Back to CVE Browser

CVE-2019-15295

HIGH
7.8
CVSS Severity Score
EPSS Score0.1040%
EPSS Percentile25.05th
PublishedAug 21, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.

Affected Platforms (CPE)

πŸ“¦
Bitdefender

Antivirus 2020

< 1.0.15.138

References & Advisories

πŸ”— https://safebreach.com/Post/BitDefender-Antivirus-Free-2020-Privilege-Escalation-to-SYSTEM
πŸ”— https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-serviceinstance-dll-bitdefender-antivirus-free-2020/
πŸ”— https://safebreach.com/Post/BitDefender-Antivirus-Free-2020-Privilege-Escalation-to-SYSTEM
πŸ”— https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-serviceinstance-dll-bitdefender-antivirus-free-2020/

Related Vulnerabilities

CVE-2020-108679.8

An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastS...

CVE-2020-89619.8

An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write opera...

CVE-2020-101809.8

The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions bef...

CVE-2020-60138.8

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to ...