SecuriTricks - CVE-2024-11128

Description

A vulnerability in the BitdefenderVirusScanner binary as used in Bitdefender Virus Scanner for MacOS may allow .dynamic library injection (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI). This issue is caused by the absence of Hardened Runtime or Library Validation signing. This issue affects Bitdefender Virus Scanner versions before 3.18.

Product(s) Impacted

Vendor	Product	Versions
Bitdefender	Virus Scanner	*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	bitdefender	virus_scanner	/	/	/	/	/	macos	/	/

References

https://www.bitdefender.com/support/security-advisories/insufficient-hardened-runtime-or-library-validation-signing-in-bitdefender-virus-scanner-for-macos/

CVSS Score

8.4 / 10

CVSS Data - 4.0

Attack Vector: LOCAL
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: LOW
User Interaction: ACTIVE
Scope:
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE
Exploit Maturity: NOT_DEFINED

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

View Vector String

Timeline

Published: Jan. 13, 2025, 10:15 p.m.
Last Modified: Feb. 11, 2025, 9:38 p.m.

Status : Analyzed

CVE has had analysis completed and all data associations made.

More info

Source

cve-requests@bitdefender.com

CVE-2024-11128