Bitdefender GravityZone Installer Signature Bypass / Code Execution

2018.10.24

Credit: Kyriakos Economou

Risk: Medium

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

We recently identified a vulnerability in the digitally signed
Bitdefender GravityZone installer.
The vulnerability allows an attacker to execute malicious code without
breaking the original digital signature, and without embedding anything
malicious into the installer itself.
This means that an appropriately positioned attacker can cause the
signed installer to run an arbitrary remotely hosted executable.
For more information regarding these issues please visit:
https://labs.nettitude.com/blog/cve-2018-8955-bitdefender-gravityzone-arbitrary-code-execution/
Cheers,
kyREcon

References:

https://labs.nettitude.com/blog/cve-2018-8955-bitdefender-gravityzone-arbitrary-code-execution/

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Bitdefender GravityZone Installer Signature Bypass / Code Execution

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.