Vulnerability in Bitdefender Total Security

CVE-2023-6056

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing al…

Vulnerability class: Improper Certificate Validation

EPSS: 0.002 (37.0th percentile) — read the EPSS interpretation.

Affected products

Bitdefender Total Security — versions 0

Weakness classification (CWE)

CWE-295 — Improper Certificate Validation

References

www.bitdefender.com/support/security-advisories/insecure-trust-of-self-signed-c…