What is CVE-2020-15732?

CVE-2020-15732 is a medium-severity vulnerability in Bitdefender Antivirus Plus, classified under Improper Certificate Validation. CVSS score: 6.5/10. Published 2021-06-22.

How severe is CVE-2020-15732?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Bitdefender Antivirus Plus

CVE-2020-15732

Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefend…

Vulnerability class: Improper Certificate Validation

EPSS: 0.001 (24.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.

Affected products

Bitdefender Antivirus Plus — versions unspecified
Bitdefender Internet Security — versions unspecified
Bitdefender Total Security — versions unspecified

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

www.bitdefender.com/support/security-advisories/improper-certificate-validation… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-15732?: CVE-2020-15732 is a medium-severity vulnerability in Bitdefender Antivirus Plus, classified under Improper Certificate Validation. CVSS score: 6.5/10. Published 2021-06-22.
How severe is CVE-2020-15732?: Medium severity. CVSS v3 base score is 6.5 out of 10.