Bitdefender Warns of Multiple Vulnerabilities that Let Attackers Execute MITM Attack

Bitdefender has disclosed two critical vulnerabilities affecting its BOX v1 device that could allow network-adjacent attackers to execute Man-in-the-Middle (MITM) attacks, potentially leading to remote code execution. These security flaws impact a product that Bitdefender notes is no longer sold or supported, leaving users of legacy devices particularly vulnerable to exploitation.

The insecure update mechanism represents a fundamental security design flaw where sensitive operations occur without proper encryption or authentication safeguards. When daemons restart using these compromised assets, attackers can achieve remote code execution on the device. The potential for remote code execution means attackers could deploy malware or backdoors on affected systems.

The second critical vulnerability (CVE-2024-13871) involves an unauthenticated command injection flaw in the /check_image_and_trigger_recovery API endpoint of Bitdefender BOX v1. This vulnerability specifically affects firmware version 1.3.11.490. The security flaw allows unauthenticated, network-adjacent attackers to execute arbitrary commands on the affected device. The detailed CVSS vector string (CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) indicates that the vulnerability requires adjacent network access but no privileges or user interaction, while enabling complete compromise of confidentiality, integrity, and availability. Bitdefender Labs, the company’s internal security research team, discovered this vulnerability during routine security auditing procedures.

No patch appears to be available for the insecure update mechanism vulnerability (CVE-2024-13872), as Bitdefender notes that the product is no longer supported. If continued use is necessary, implementing additional network security controls to isolate these devices and monitoring for suspicious network activity become essential defensive measures.
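
Added example (not from the article or from Bitdefender): a small Python validator for CVSS v4.0 base vectors, run on the vector string quoted above, that derives the triage facts the article states from the metrics. The function names are this example's own; threat, environmental and supplemental metrics are accepted but ignored.

```python
# Added example: validate a CVSS v4.0 base vector and derive triage facts.
IMPACT = {"H", "L", "N"}
BASE_METRICS = {  # mandatory base metrics in specification order
    "AV": {"N", "A", "L", "P"},   # attack vector
    "AC": {"L", "H"},             # attack complexity
    "AT": {"N", "P"},             # attack requirements
    "PR": {"N", "L", "H"},        # privileges required
    "UI": {"N", "P", "A"},        # user interaction
    "VC": IMPACT, "VI": IMPACT, "VA": IMPACT,  # vulnerable system C/I/A
    "SC": IMPACT, "SI": IMPACT, "SA": IMPACT,  # subsequent systems C/I/A
}

def parse_cvss4_base(vector):
    """Return the base metrics as a dict, or raise ValueError if malformed."""
    prefix, _, rest = vector.strip().partition("/")
    if prefix != "CVSS:4.0":
        raise ValueError("not a CVSS v4.0 vector")
    seen = {}
    for part in rest.split("/"):
        key, sep, value = part.partition(":")
        if not sep or not value or key in seen:
            raise ValueError(f"malformed or repeated metric: {part!r}")
        seen[key] = value
    # Every base metric must be present, in order, with a legal value.
    if [k for k in seen if k in BASE_METRICS] != list(BASE_METRICS):
        raise ValueError("base metrics missing or out of order")
    for key, allowed in BASE_METRICS.items():
        if seen[key] not in allowed:
            raise ValueError(f"illegal value for {key}: {seen[key]!r}")
    return {key: seen[key] for key in BASE_METRICS}

def triage(m):
    """Boolean facts a defender needs when deciding how to isolate a device."""
    return {
        "adjacent_network_only": m["AV"] == "A",
        "unauthenticated": m["PR"] == "N",
        "no_user_interaction": m["UI"] == "N",
        "no_special_conditions": m["AC"] == "L" and m["AT"] == "N",
        "full_loss_on_device": all(m[k] == "H" for k in ("VC", "VI", "VA")),
        "full_loss_downstream": all(m[k] == "H" for k in ("SC", "SI", "SA")),
    }

# Vector string as quoted in the article.
PAGE_VECTOR = ("CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/"
               "VC:H/VI:H/VA:H/SC:H/SI:H/SA:H")

if __name__ == "__main__":
    for fact, holds in triage(parse_cvss4_base(PAGE_VECTOR)).items():
        print(f"{fact}: {holds}")
```

Because `AV:A` limits reach to the local segment, the `adjacent_network_only` fact is what makes network isolation of the device an effective compensating control here.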

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 13 Mar 2025 13:30:10 +0000

