Bitdefender Total Security has been found vulnerable to Man-in-the-Middle (MITM) attacks due to improper certificate validation in its HTTPS scanning functionality.
This vulnerability, identified under multiple CVEs, poses a serious risk to users by potentially allowing attackers to intercept and alter communications with websites.
CVE-2023-6055: Improper Certificate Validation
The first vulnerability, CVE-2023-6055, reveals that Bitdefender Total Security fails to validate website certificates properly.
Specifically, the software incorrectly deems such certificates valid if a site’s certificate lacks the “Server Authentication” specification in the Extended Key Usage extension.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
This flaw could enable attackers to perform MITM attacks, intercepting and possibly altering data exchanged between users and websites.
With a CVSS score of 8.6, this vulnerability is considered highly severe due to its ease of exploitation and potential impact on confidentiality and integrity.
CVE-2023-6056: Insecure Trust of Self-Signed Certificates
Another critical flaw, CVE-2023-6056, involves the improper trust of self-signed certificates. Bitdefender Total Security is found to trust certificates signed with the RIPEMD-160 hashing algorithm without adequate validation.
This oversight allows attackers to establish SSL connections to arbitrary sites using self-signed certificates, effectively enabling MITM attacks.
The vulnerability shares the same high CVSS score of 8.6, underscoring the significant risk it poses to users.
CVE-2023-6057: Insecure Trust of DSA-Signed Certificates
The third vulnerability, CVE-2023-6057, concerns the insecure trust of certificates issued using the DSA signature algorithm.
Bitdefender Total Security fails to adequately check the certificate chain for these certificates, allowing attackers to exploit this weakness and establish SSL connections with arbitrary sites.
Like the previous vulnerabilities, this one also carries a CVSS score of 8.6, highlighting its potential for causing substantial harm.
CVE-2023-49567: Insecure Trust of Collision Hash Functions
One newly identified vulnerability, CVE-2023-49567, reveals that Bitdefender Total Security incorrectly trusts certificates issued using MD5 and SHA1 collision hash functions.
These outdated and insecure hash functions allow attackers to create rogue certificates that appear legitimate, enabling MITM SSL connections to arbitrary sites.
This vulnerability has a CVSS score of 8.6, indicating its high severity due to its potential to impact user data integrity and confidentiality significantly.
CVE-2023-49570: Insecure Trust of Basic Constraints Certificates
Another critical issue, CVE-2023-49570, involves the improper trust of certificates where the “Basic Constraints” extension indicates they are meant for “End Entity” use.
Bitdefender Total Security fails to validate whether the issuing entity is authorized to issue such certificates.
This flaw could allow attackers to attack MITM by intercepting and altering communications between users and websites. It also has a high CVSS score of 8.6, reflecting its serious implications for user security.
Bitdefender has responded promptly by releasing an automatic update to product version 27.0.25.115, which addresses these vulnerabilities.
Users are strongly advised to ensure their software is updated to this version or later to protect against potential exploitation.
These vulnerabilities highlight the critical importance of proper certificate validation in cybersecurity products.
As HTTPS scanning is a common feature in many security solutions, ensuring robust validation processes is essential for maintaining user trust and safety online.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide (PDF)