Bitdefender Virus Scanner for macOS DYLD Injection Vulnerability

Vulnerability

A vulnerability exists in the Bitdefender Virus Scanner binary for macOS, allowing dynamic library injection (DYLD injection) that bypasses Apple Mobile File Integrity (AMFI). This issue arises from the lack of Hardened Runtime or Library Validation signing and affects Bitdefender Virus Scanner versions prior to 3.18.

Impact

Exploitation of this vulnerability could allow malicious dynamic libraries to be loaded by the application through DYLD injection, potentially leading to arbitrary code execution.

Remediation

Users can update to Bitdefender Virus Scanner version 3.18 or later to address this vulnerability.
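
To confirm whether an installed macOS binary carries the signing flags named under Vulnerability, the following added example (not Bitdefender's or the advisory's own code) parses `codesign -dv --verbose=4` output and an optional XML entitlements plist. The finding codes, the sample path and the sample identifier are constructed for illustration; the flag bits are those defined in XNU's cs_blobs.h.

```python
import plistlib
import re
import subprocess

# Code-signing flag bits as defined in XNU's cs_blobs.h.
CS_REQUIRE_LV = 0x2000    # shown by codesign as "library-validation"
CS_RUNTIME = 0x10000      # shown by codesign as "runtime" (Hardened Runtime)
# Entitlements that relax the protections above.
ALLOW_DYLD_ENV = "com.apple.security.cs.allow-dyld-environment-variables"
DISABLE_LV = "com.apple.security.cs.disable-library-validation"
FLAGS_RE = re.compile(r"^CodeDirectory\b.*\bflags=0x([0-9a-fA-F]+)", re.M)

def codesign_details(path):
    """Run `codesign -dv --verbose=4` (macOS only); details go to stderr."""
    cmd = ["codesign", "-dv", "--verbose=4", path]
    return subprocess.run(cmd, capture_output=True, text=True).stderr

def audit(details, entitlements_plist=b""):
    """Return sorted finding codes (hypothetical names); empty means no gap found."""
    match = FLAGS_RE.search(details)
    if match is None:
        return ["NO_SIGNATURE_FLAGS"]          # unsigned, or output not parsed
    flags = int(match.group(1), 16)
    ents = plistlib.loads(entitlements_plist) if entitlements_plist.strip() else {}
    findings = set()
    if not flags & (CS_RUNTIME | CS_REQUIRE_LV):
        findings.add("NO_RUNTIME_OR_LV")       # the condition this advisory names
    if ents.get(ALLOW_DYLD_ENV) is True:
        findings.add("DYLD_ENV_ALLOWED")       # DYLD_* variables are honored again
    if ents.get(DISABLE_LV) is True:
        findings.add("LV_DISABLED")            # foreign-signed libraries may load
    return sorted(findings)

# Constructed samples (not output from any real product).
SAMPLE_UNHARDENED = """Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.scanner
CodeDirectory v=20400 size=4096 flags=0x0(none) hashes=120+5 location=embedded
"""
SAMPLE_HARDENED = SAMPLE_UNHARDENED.replace("flags=0x0(none)", "flags=0x10000(runtime)")
SAMPLE_ENTITLEMENTS = plistlib.dumps({DISABLE_LV: True})

if __name__ == "__main__":
    for name, text, ents in [("unhardened", SAMPLE_UNHARDENED, b""),
                             ("hardened", SAMPLE_HARDENED, b""),
                             ("hardened+ents", SAMPLE_HARDENED, SAMPLE_ENTITLEMENTS)]:
        print(name, audit(text, ents) or "ok")
```

On a Mac, pass `codesign_details(path)` for the application's main executable to `audit`; the entitlements argument must be the XML plist form of what codesign's `--entitlements` option dumps.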

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 3.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.