Critical Vulnerabilities in Bitdefender Total Security Expose Users to Man-in-the-Middle Attacks
Bitdefender, a leading global cybersecurity technology company, has issued an advisory regarding three high-severity vulnerabilities discovered in the HTTPS scanning feature of its Total Security product. These flaws could allow attackers to intercept and manipulate user communications, potentially exposing sensitive data.
The vulnerabilities, tracked as CVE-2023-6055, CVE-2023-6056, and CVE-2023-6057, all concern how Bitdefender Total Security validates website certificates. Like other HTTPS-scanning products, Total Security inspects encrypted traffic by terminating TLS locally: it validates the site's certificate itself and then presents the browser with a substitute certificate issued by its own locally installed root CA. The browser therefore sees a trusted certificate regardless of what the site actually presented, so the product's validation is the only check left, and any certificate the product accepts too loosely is accepted on the user's behalf. All three flaws carry a CVSS v4.0 score of 8.6, which maps to High (not Critical) on the CVSS qualitative severity scale.
“A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates,” the advisory states.
More specifically:
- CVE-2023-6055: certificates whose Extended Key Usage (EKU) extension lacks the "Server Authentication" (id-kp-serverAuth) purpose were not rejected for HTTPS sites.
- CVE-2023-6056: self-signed certificates signed with the RIPEMD-160 hash algorithm were trusted.
- CVE-2023-6057: certificates signed with the DSA signature algorithm were trusted.
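The three conditions above can be expressed as a small certificate policy check. The following is an added example written for this article, not Bitdefender's code: it extracts the signature algorithm OID, the EKU list and a self-signed heuristic from an X.509 certificate and reports which of the three weaknesses that certificate would have exercised. The OIDs are the standard X.509 values; the `cryptography` package is assumed for parsing and for generating the constructed test certificates (it offers no RIPEMD-160, so the CVE-2023-6056 case is exercised only through the plain `CertFacts` path), and the `require_eku` option is a stricter policy of my own, not something the advisory mandates.

```python
"""Flag certificates matching the three validation weaknesses in the advisory.
Added example; not Bitdefender's code. Test certificates are constructed."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import List, Optional

try:
    from cryptography import x509
    from cryptography.hazmat.primitives import hashes
    from cryptography.hazmat.primitives.asymmetric import dsa, rsa
    from cryptography.x509.oid import ExtendedKeyUsageOID, ExtensionOID, NameOID
    HAVE_CRYPTOGRAPHY = True
except ImportError:
    HAVE_CRYPTOGRAPHY = False  # the pure policy functions below still work

OID_SERVER_AUTH = "1.3.6.1.5.5.7.3.1"     # id-kp-serverAuth (RFC 5280)
OID_RSA_RIPEMD160 = "1.3.36.3.3.1.2"      # ripemd160WithRSA (TeleTrusT)
DSA_SIGNATURE_OIDS = {
    "1.2.840.10040.4.3",        # dsa-with-sha1
    "2.16.840.1.101.3.4.3.1",   # dsa-with-sha224
    "2.16.840.1.101.3.4.3.2",   # dsa-with-sha256
}


@dataclass
class CertFacts:
    """The three certificate properties the checks need."""
    signature_oid: str
    ext_key_usage: Optional[List[str]]   # None when the EKU extension is absent
    self_signed: bool


def evaluate(facts: CertFacts, require_eku: bool = False) -> List[str]:
    """Return the CVE IDs whose weakness this certificate would exercise."""
    findings = []
    eku = facts.ext_key_usage
    # CVE-2023-6055: an EKU without id-kp-serverAuth is not a server certificate.
    # RFC 5280 treats an absent EKU as "any purpose"; require_eku tightens that.
    if (eku is not None and OID_SERVER_AUTH not in eku) or (eku is None and require_eku):
        findings.append("CVE-2023-6055")
    # CVE-2023-6056: self-signed certificate carrying a RIPEMD-160 signature.
    if facts.self_signed and facts.signature_oid == OID_RSA_RIPEMD160:
        findings.append("CVE-2023-6056")
    # CVE-2023-6057: any DSA signature algorithm.
    if facts.signature_oid in DSA_SIGNATURE_OIDS:
        findings.append("CVE-2023-6057")
    return findings


def facts_from_cert(cert) -> CertFacts:
    """Adapter from a cryptography.x509.Certificate to CertFacts."""
    try:
        ext = cert.extensions.get_extension_for_oid(ExtensionOID.EXTENDED_KEY_USAGE)
        eku = [oid.dotted_string for oid in ext.value]
    except x509.ExtensionNotFound:
        eku = None
    return CertFacts(
        signature_oid=cert.signature_algorithm_oid.dotted_string,
        ext_key_usage=eku,
        # Heuristic only: subject == issuer. A full check would verify the
        # signature against the certificate's own public key.
        self_signed=(cert.subject == cert.issuer),
    )


def _self_signed(key, hash_alg, ekus):
    """Build a self-signed test certificate (constructed data, not a real site)."""
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "test.example")])
    now = datetime.now(timezone.utc)
    builder = (
        x509.CertificateBuilder()
        .subject_name(name)
        .issuer_name(name)
        .public_key(key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - timedelta(minutes=5))
        .not_valid_after(now + timedelta(days=1))
    )
    if ekus is not None:
        builder = builder.add_extension(x509.ExtendedKeyUsage(ekus), critical=False)
    return builder.sign(key, hash_alg)


def demo_findings() -> dict:
    """Generate three test certificates and evaluate each; {} without cryptography."""
    if not HAVE_CRYPTOGRAPHY:
        return {}
    rsa_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    dsa_key = dsa.generate_private_key(key_size=1024)  # small on purpose: test only
    certs = {
        "good": _self_signed(rsa_key, hashes.SHA256(), [ExtendedKeyUsageOID.SERVER_AUTH]),
        "client-auth-only": _self_signed(rsa_key, hashes.SHA256(), [ExtendedKeyUsageOID.CLIENT_AUTH]),
        "dsa": _self_signed(dsa_key, hashes.SHA256(), [ExtendedKeyUsageOID.SERVER_AUTH]),
    }
    return {name: evaluate(facts_from_cert(c)) for name, c in certs.items()}


if __name__ == "__main__":
    for name, found in demo_findings().items():
        print(f"{name:18s} {found or 'ok'}")
```

The check is deliberately a policy layer on top of, not a replacement for, full chain validation: a self-signed certificate with a SHA-256 signature passes all three rules here and would still be rejected by ordinary path building, which is the correct division of labour.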
In each case, an attacker who already sits on the network path (a rogue Wi-Fi hotspot or a compromised router, for example) can present a certificate of one of these types for a site the user visits. The scanner accepts it, re-signs the connection with its local CA, and the browser shows an ordinary padlocked HTTPS session. From that position the attacker can read the traffic, harvest credentials, or inject content into pages. The consequences are most serious for users who rely on secure connections for online banking, shopping, or accessing sensitive information.
Bitdefender has acted swiftly to address these vulnerabilities, releasing an automatic update to product version 27.0.25.115. “An automatic update to product version 27.0.25.115 fixes the issue,” the advisory confirms for each CVE.
Users of Bitdefender Total Security are strongly urged to confirm that the installed product version is 27.0.25.115 or later; the update is delivered automatically, but a machine that has been offline or has updates paused may still be running the affected build. This incident serves as a reminder that security products which intercept TLS take over certificate validation from the browser, so keeping them patched matters as much as keeping the browser itself up to date.