CVE-2020-8093

MEDIUM

Bitdefender Antivirus for Mac < 8.0.0 - Code Injection via DYLD Environment Variable

Title source: llm

Description

A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.bitdefender.com/support/security-advisories/code-injection-into-bitdefender-antivirus-for-mac-va-3441/

Scores

CVSS v3 5.3

EPSS 0.0042

EPSS Percentile 33.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Details

CWE

CWE-264 CWE-74

Status published

Products (1)

bitdefender/antivirus < 8.0.0

Published Jan 30, 2020

Tracked Since Feb 18, 2026