Antivirus software from Bitdefender and Trend Micro vulnerable to attack

Vulnerabilities in Bitdefender and Trend Micro antivirus software put systems at risk. Admins should install the available security updates promptly to prevent attacks.

Because Bitdefender Total Security has problems with certificate verification in the HTTPS scan function, attackers can connect to connections as a man-in-the-middle and thus eavesdrop on the data traffic between a victim and a website.

Bitdefender Total Security

In the support section of the Bitdefender website, the developers state that they have closed a total of five vulnerabilities (CVE-2023-49567, CVE-2023-49570, CVE-2023-6055, CVE-2023-6056, CVE-2023-6057) with a threat level of"high". In order for such an attack to work, attackers can use hash collisions (MD5 and SHA1) to generate certificates that are waved through as legitimate.

The security problems should be solved in the automatically installing Total Security version 27.0.25.11. The developers are not currently specifying whether there are already attacks and by which parameters admins can recognize computers that have already been attacked. It also remains unclear which operating systems are affected by the security problem.

Trend Micro Deep Security Agent

For security reasons, anyone using the Deep Security Agent IT protection solution from Trend Micro on Windows should install version 20.0.1-17380 (20 LTS Update 2024-08-21). If this is not done, attackers can exploit a security vulnerability (CVE-2024-48903"high") according to a warning message.

If an attack is successful, attackers can gain higher user rights due to insufficient authentication control. However, they must already have low user rights, Trend Micro explains.

(des)