CVE-2020-15294
Compiler Optimization Removal or Modification of Security-Critical Code vulnerability in Bitdefender Hypervisor Introspection (VA-9339)
Descriptions
A Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences of the same pointer. If the pointer is located in memory mapped from the guest space, this may cause a race condition where the generated code dereferences the same address twice and obtains different values, which may lead to arbitrary code execution. This issue affects: Bitdefender Hypervisor Introspection versions prior to 1.132.2.
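The double fetch described above, as an added C example that is not Bitdefender's code: the first function writes out explicitly the two loads that the compiler may emit, and the second reads guest memory once through a volatile pointer and then checks and uses only the local copy. The names `unwind_hdr`, `MAX_CODES`, `guest_sets_200` and the race hook are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define MAX_CODES 8u /* constructed bound of the parser's local buffer */

/* Constructed stand-in for a header that lives in guest-mapped memory. */
struct unwind_hdr { uint8_t count; };

/* Hypothetical hook: the guest rewriting the field between two host reads. */
typedef void (*guest_write_fn)(volatile struct unwind_hdr *);

static void guest_sets_200(volatile struct unwind_hdr *h) { h->count = 200; }

/* Models the emitted code with two loads: one validated, one used. */
int parse_double_fetch(volatile struct unwind_hdr *h, guest_write_fn race)
{
    if (h->count > MAX_CODES)   /* fetch 1: bounds check */
        return -1;
    if (race)
        race(h);                /* guest wins the race here */
    return h->count;            /* fetch 2: unchecked value is used */
}

/* Hardened: one volatile load into a local; check and use that copy only. */
int parse_single_fetch(volatile struct unwind_hdr *h, guest_write_fn race)
{
    uint8_t count = h->count;   /* the only read of guest memory */
    if (count > MAX_CODES)
        return -1;
    if (race)
        race(h);                /* later guest writes no longer matter */
    return count;
}

int main(void)
{
    volatile struct unwind_hdr h = { 4 };
    printf("double fetch uses: %d\n", parse_double_fetch(&h, guest_sets_200));
    h.count = 4;
    printf("single fetch uses: %d\n", parse_single_fetch(&h, guest_sets_200));
    return 0;
}
```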
Timeline
- 2020-06-25 CVE Reserved
- 2020-12-17 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
CWE
- CWE-733: Compiler Optimization Removal or Modification of Security-critical Code
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Bitdefender | Hypervisor Introspection | < 1.132.2 | - | Affected