SolarWinds MSP was notified of Bitdefender Vulnerability CVE-2020-8097 in their Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK. In some circumstances, this vulnerability can be used to allow arbitrary code execution, as well as elevation of privileges.
This impacts our RMM Managed Antivirus (MAV-BD) and our N-central AVDefender. The safeguards to address this vulnerability are available in version 18.104.22.1685. We advise all customers to upgrade to the 22.214.171.1245 release of RMM MAV-BD and N-central AVDefender, which contains a fix designed to resolve this vulnerability.
CVE – 2020-8097: https://nvd.nist.gov/vuln/detail/CVE-2020-8097