Unrated severityNVD Advisory· Published Mar 12, 2025· Updated Mar 12, 2025

Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so

CVE-2024-13872

Description

Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to download assets over the Internet to update and restart daemons and detection rules on the devices. Updates can be remotely triggered through the /set_temp_token API method. Then, an unauthenticated and network-adjacent attacker can use man-in-the-middle (MITM) techniques to return malicious responses. Restarted daemons that use malicious assets can then be exploited for remote code execution on the device.

Affected products

Bitdefender/Box 1llm-fuzzy
Range: 1.3.11.490 – 1.3.11.505
Bitdefender/BOX v1v5
Range: 1.3.11.490

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bitdefender.com/support/security-advisories/insecure-update-mechanism-vulnerability-in-libboxhermes-so-in-bitdefender-box-v1mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000