CVE-2023-6058

HTTPS Certificate Validation Issue in Bitdefender Safepay (VA-11167)

Severity Score

8.6

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the certificate for subsequent HTTPS scans. This vulnerability allows an attacker to perform a Man-in-the-Middle (MITM) attack by using a self-signed certificate, which the product will trust after the site has been added to exceptions. This can lead to the interception and potential alteration of secure communications.

Se ha identificado una vulnerabilidad en el manejo de conexiones HTTPS por parte de Bitdefender Safepay. El problema surge cuando el producto bloquea una conexión debido a un certificado de servidor que no es de confianza, pero permite al usuario agregar el sitio a las excepciones, lo que hace que el producto confíe en el certificado para los análisis HTTPS posteriores. Esta vulnerabilidad permite a un atacante realizar un ataque Man-in-the-Middle (MITM) mediante el uso de un certificado autofirmado, en el que el producto confiará después de que el sitio se haya agregado a las excepciones. Esto puede provocar la interceptación y posible alteración de las comunicaciones seguras.

*Credits: N/A

CVSS Scores

Bitdefenderv4 8.6

Attack Vector

Adjacent

Attack Complexity

Low

Attack Requirements

Present

Privileges Required

None

User Interaction

Active

System

Vulnerable | Subsequent

Confidentiality

High

Integrity

High

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2023-11-09 CVE Reserved
2024-10-18 CVE Published
2024-10-18 CVE Updated
2024-10-23 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-295: Improper Certificate Validation

CAPEC

CAPEC-94: Adversary in the Middle (AiTM)

References (1)

URL	Tag	Source
https://www.bitdefender.com/support/security-advisories/https-certificate-validation-issue-in-bitdefender-safepay-va-11167

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Bitdefender Search vendor "Bitdefender"		Total Security Search vendor "Bitdefender" for product "Total Security"				< 27.0.25.115 Search vendor "Bitdefender" for product "Total Security" and version " < 27.0.25.115"		en		Affected