Overview
Bitdefender has issued a security advisory detailing critical vulnerabilities within its flagship products, Bitdefender Total Security and SafePay. These vulnerabilities pose significant risks to users and require urgent patching.
Bitdefender Total Security is a cybersecurity suite designed to protect devices across various platforms against malware, ransomware, and numerous other threats. Its key features include real-time threat detection, privacy safeguards, and performance enhancements. A standout feature, SafePay, is a secure browser that isolates users’ online activities, such as banking and shopping, and encrypts transactions to prevent unauthorized access and keep financial interactions safe.
The vulnerability classification is based on the Common Vulnerability Scoring System (CVSS) and includes four categories: Critical (9.0-10), High (7.0-9.0), Medium (4.0-6.9), and Low (0.0-3.9). The advisory highlights six high-severity vulnerabilities, each assigned a corresponding CVE ID: CVE-2023-6055, CVE-2023-6056, CVE-2023-6057, CVE-2023-6058, CVE-2023-49567, and CVE-2023-49570. All of these vulnerabilities affect Bitdefender Total Security and SafePay, with patches now available via automatic updates.
Vulnerability Details
- CVE-2023-6055: The first vulnerability, identified as CVE-2023-6055, relates to improper certificate validation in Bitdefender Total Security. It has a CVSS score of 8.6, indicating a high severity level. The issue stems from the software’s failure to adequately validate HTTPS website certificates. Specifically, if a site certificate does not include “Server Authentication” in its Extended Key Usage extension, the software incorrectly considers it valid. This flaw can enable an attacker to conduct a Man-in-the-Middle (MITM) attack, potentially intercepting and modifying communications between users and websites. To address this issue, an automatic update to version 27.0.25.115 is available.
- CVE-2023-6056: Another significant vulnerability, CVE-2023-6056, also carries a high severity score of 8.6. This vulnerability involves the software improperly trusting self-signed certificates, particularly those signed with the RIPEMD-160 hashing algorithm. As a result, attackers can establish MITM SSL connections to arbitrary sites. Users are encouraged to install the automatic update to version 27.0.25.115 to mitigate this risk.
- CVE-2023-6057: The third vulnerability, CVE-2023-6057, is found within the HTTPS scanning functionality of Bitdefender Total Security. With a CVSS score of 8.6, this vulnerability arises from the software’s failure to adequately check the certificate chain for DSA-signed certificates, allowing for potential MITM attacks. To resolve this issue, users should apply the automatic update to version 27.0.25.115.
- CVE-2023-6058: This vulnerability impacts Bitdefender SafePay and has a high severity score of 8.6. It occurs when SafePay blocks a connection because the server certificate is untrusted but lets the user add the site to an exceptions list; once the site is added, the software trusts that certificate in subsequent HTTPS scans, which opens the door to MITM attacks using self-signed certificates. An automatic update to version 27.0.25.115 is available to fix this vulnerability.
- CVE-2023-49567: Another high-severity vulnerability is CVE-2023-49567, which has the same CVSS score of 8.6. This flaw is due to the software trusting certificates signed with the MD5 and SHA-1 hash functions, both of which are vulnerable to collision attacks, enabling attackers to create rogue certificates that appear legitimate. Users should update to version 27.0.25.115 to eliminate this risk.
- CVE-2023-49570: This vulnerability, which also scores 8.6 on the CVSS scale, allows Bitdefender to trust a certificate issued by an unauthorized entity, potentially enabling MITM attacks. To protect against this risk, users should install the automatic update to version 27.0.25.115.
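Taken together, the six issues describe a certificate validator inside a TLS-inspecting product that skipped checks such a component must perform: requiring "Server Authentication" in the Extended Key Usage extension, refusing signatures made with collision-prone or otherwise unsuitable hash algorithms, and building a chain to a trusted root instead of accepting self-signed or unknown-issuer certificates. The Go program below is an added example written for this page; it is not Bitdefender's code and does not reproduce the patched implementation. It constructs its own throwaway root CA and test certificates (the names Test Root CA and bank.example, the serial numbers, and every function name are assumptions), runs a validator that performs those three checks in order, and reports for each constructed certificate whether it is accepted or why it is rejected. It uses only the Go standard library (Go 1.21 or later for the slices package).

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"slices"
	"time"
)

// Signature algorithms a scanner should refuse outright: MD5 and SHA-1 are collision-prone.
var weakSigAlgs = map[x509.SignatureAlgorithm]bool{
	x509.MD5WithRSA: true, x509.SHA1WithRSA: true,
	x509.DSAWithSHA1: true, x509.ECDSAWithSHA1: true,
}

// ValidateServerCert applies, in order, the checks the advisory describes as missing: refuse
// weak signature hashes, require serverAuth in the EKU extension, then chain to a trusted root.
func ValidateServerCert(leaf *x509.Certificate, roots *x509.CertPool, host string) error {
	if weakSigAlgs[leaf.SignatureAlgorithm] {
		return fmt.Errorf("weak signature algorithm %v", leaf.SignatureAlgorithm)
	}
	// Go's Verify treats a certificate with no EKU extension as valid for every usage, so check it here.
	if !slices.Contains(leaf.ExtKeyUsage, x509.ExtKeyUsageServerAuth) {
		return errors.New("extended key usage does not include serverAuth")
	}
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}})
	return err // unknown issuer, self-signed leaf, name mismatch or expiry all surface here
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// issue builds a constructed certificate for cn with a fresh P-256 key; a nil parent makes it self-signed.
func issue(cn string, serial int64, isCA bool, eku []x509.ExtKeyUsage, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, ExtKeyUsage: eku,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign
	} else {
		tmpl.KeyUsage, tmpl.DNSNames = x509.KeyUsageDigitalSignature, []string{cn}
	}
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// Scenarios runs the validator over four constructed certificates; returns "accepted" or the reason for rejection.
func Scenarios() map[string]string {
	caCert, caKey := issue("Test Root CA", 1, true, nil, nil, nil)
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	serverAuth := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	good, _ := issue("bank.example", 2, false, serverAuth, caCert, caKey)
	noEKU, _ := issue("bank.example", 3, false, nil, caCert, caKey)
	selfSigned, _ := issue("bank.example", 4, false, serverAuth, nil, nil)
	// Producing a SHA-1 signed certificate is not portable across Go versions; exercise the branch on a copy.
	weak := *good
	weak.SignatureAlgorithm = x509.SHA1WithRSA
	verdict := func(c *x509.Certificate) string {
		if err := ValidateServerCert(c, roots, "bank.example"); err != nil {
			return err.Error()
		}
		return "accepted"
	}
	return map[string]string{
		"trusted-chain-serverAuth": verdict(good),
		"trusted-chain-no-EKU":     verdict(noEKU),
		"self-signed":              verdict(selfSigned),
		"sha1-signature":           verdict(&weak),
	}
}

func main() {
	for name, v := range Scenarios() {
		fmt.Printf("%-26s %s\n", name, v)
	}
}
```

The ordering matters for a scanner that rewrites TLS for the user: the weak-hash and EKU checks run before chain building so that a certificate which would pass a permissive chain validator (no EKU extension at all, or a chain that happens to reach a root) is still refused. The self-signed case is also the reason a SafePay-style "add to exceptions" feature should scope any exception to the exact certificate and host the user saw, rather than treating the certificate as trusted for all later scans.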
Recommendations and Mitigations
To mitigate the risks associated with these vulnerabilities, the following strategies are recommended:
- Organizations should regularly update all software systems with the latest patches from official vendors. Establishing a routine for applying critical patches immediately can reduce vulnerabilities.
- A comprehensive strategy should encompass inventory management, patch assessment, testing, deployment, and verification. Automation of these processes can enhance consistency and efficiency.
- Implement proper segmentation to protect critical assets from less secure areas. This strategy can help limit exposure and reduce potential attack surfaces.
- Organizations should maintain a clear incident response plan detailing how to detect, respond to, and recover from security incidents. Regular testing of this plan is essential to ensure its effectiveness.
- Comprehensive monitoring solutions should be in place to detect and analyze suspicious activities. Utilizing Security Information and Event Management (SIEM) systems can enhance real-time threat detection and response capabilities.
- Organizations must proactively evaluate the criticality of their End-of-Life (EOL) products and plan for timely upgrades or replacements to minimize security risks.
Conclusion
The recent vulnerabilities found in Bitdefender Total Security and SafePay highlight critical risks that can undermine users’ cybersecurity defenses. While these products are designed to protect against a myriad of threats, the existence of high-severity vulnerabilities necessitates a proactive approach to patch management. Organizations must remain vigilant, ensuring that their cybersecurity solutions are not only effective but also up-to-date to prevent exploitation.
Article source: https://cyble.com/blog/bitdefender-total-security-vulnerabilities-recent-patches-and-recommendations/