Critical security vulnerabilities impacted BullGuard's Antivirus and Secure Browser software, researcher claims

A major issue was found in the protection against malicious websites

A security researcher claims to have recently discovered a series of vulnerabilities in BullGuard's Antivirus and Secure Browser products which, if left unpatched, could have enabled hackers to spy on users and steal sensitive information from the device.

Wladimir Palant, who uncovered these vulnerabilities, detailed the bugs in a blog post published on 6th July.

According to BullGuard, these bugs have already been "fixed in May and June of this year."

As noted by Palant, the first major issue impacted the protection offered by BullGuard Antivirus against malicious websites. Palant found that by simply adding a hardcoded character sequence to a site's address, one could make the software ignore an otherwise-blocked malicious domain.

"The first and very obvious issue was found in the protection against malicious websites," said Palant.

"While this functionality often cannot be relied upon, circumventing it typically requires some effort. Not so with BullGuard Antivirus: merely adding a hardcoded character sequence to the address would make BullGuard ignore a malicious domain."
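The design weakness Palant describes, a malicious-site check that can be defeated by altering the address string, is the reason a web filter should decide on the parsed, canonical hostname rather than on the raw URL text. The following is an added illustration, not BullGuard's code and not Palant's: the blocklist entries and URLs are constructed, the specific character sequence BullGuard mishandled is not known from this article and is not reproduced, and the naive checker is a hypothetical contrast to show how raw-string matching misses trivial variations in case, port or trailing-dot form.

```javascript
// Added example (not BullGuard's implementation): deciding a "malicious site"
// verdict on the canonical hostname instead of the raw address string.

// Constructed blocklist for the example; real products use large feeds.
const CONSTRUCTED_BLOCKLIST = new Set(["malicious.example", "phish.example.net"]);

// Hypothetical naive checker: compares the raw text, so any cosmetic change
// to the address (case, an explicit port, a trailing dot, userinfo) slips past.
function naiveIsBlocked(rawUrl, blocklist = CONSTRUCTED_BLOCKLIST) {
  for (const domain of blocklist) {
    if (rawUrl.startsWith("http://" + domain + "/") ||
        rawUrl.startsWith("https://" + domain + "/")) {
      return true;
    }
  }
  return false;
}

// Parse with the WHATWG URL API (global in Node and browsers). The parser
// lowercases and IDNA-encodes the host and discards userinfo, port, path,
// query and fragment; we additionally strip a trailing dot (FQDN form).
function canonicalHost(rawUrl) {
  let parsed;
  try {
    parsed = new URL(rawUrl);
  } catch {
    return null; // unparseable input: no host to judge
  }
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") return null;
  return parsed.hostname.replace(/\.$/, "");
}

// Hardened checker: match the canonical host and every parent domain of it
// (so a blocklisted domain also covers its subdomains), but never a bare TLD.
function isBlocked(rawUrl, blocklist = CONSTRUCTED_BLOCKLIST) {
  const host = canonicalHost(rawUrl);
  if (host === null) return { blocked: false, host: null };
  const labels = host.split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    const candidate = labels.slice(i).join(".");
    if (blocklist.has(candidate)) return { blocked: true, host, matched: candidate };
  }
  return { blocked: false, host };
}

module.exports = { naiveIsBlocked, canonicalHost, isBlocked };
```

The point of the contrast is that the verdict must be computed from the same normalised representation the browser will actually connect to; anything decided on the surface text of the address is only as strong as the weakest accepted spelling of that address.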

Other issues uncovered by Palant included multiple cross-site scripting (XSS) vulnerabilities in BullGuard Secure Browser. These XSS bugs in the browser's own user interface could have allowed malicious websites to spy on the user, crash the browser, and run arbitrary code on the system.
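XSS in a browser's privileged UI typically arises when page-controlled strings (a title, a URL, an error detail) are concatenated into the markup of a trusted internal page. The snippet below is an added illustration and not BullGuard's code: it renders a hypothetical warning page with a constructed page title, once by raw interpolation and once with HTML escaping, so the difference can be checked directly on the generated markup. The page-title string is constructed for the example; the article does not state what input BullGuard's UI mishandled.

```javascript
// Added example (not BullGuard's implementation): rendering attacker-influenced
// strings into a privileged UI page. The unsafe renderer is the vulnerable
// pattern; the safe renderer escapes every untrusted value for HTML text context.

const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Escape for an HTML text or double-quoted attribute context.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Vulnerable pattern: untrusted values dropped straight into markup.
function renderWarningUnsafe(pageTitle, host) {
  return `<h1>Blocked page: ${pageTitle}</h1><p>Site: ${host}</p>`;
}

// Hardened pattern: every untrusted value is escaped before interpolation.
function renderWarning(pageTitle, host) {
  return `<h1>Blocked page: ${escapeHtml(pageTitle)}</h1><p>Site: ${escapeHtml(host)}</p>`;
}

// Simple check usable in a unit test: the rendered page must contain no tags
// other than the ones the template itself emits.
function hasUnexpectedTags(html, allowedTags = ["h1", "p"]) {
  const tagPattern = /<\/?([a-zA-Z][a-zA-Z0-9]*)/g;
  let match;
  while ((match = tagPattern.exec(html)) !== null) {
    if (!allowedTags.includes(match[1].toLowerCase())) return true;
  }
  return false;
}

module.exports = { escapeHtml, renderWarningUnsafe, renderWarning, hasUnexpectedTags };
```

In a real UI the same discipline applies to attribute and URL contexts, which need their own encoders; assigning untrusted text through `textContent` rather than `innerHTML` achieves the same result without a hand-written escaper.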

Moreover, a specific vulnerability in the browser enabled hackers to open a pop-up window on top of the legitimate browser user interface (UI) and present a bogus UI in its place.

After discovering the bugs in April, Palant looked for a vulnerability disclosure process on BullGuard's website but did not find one. He then contacted the company by email and sent it reports on the flaws in BullGuard's products.

In May, BullGuard confirmed the XSS vulnerabilities and fixed them in 20.0.378 Hotfix 2.

On 29th June, the protection circumvention vulnerability was also fixed by the company in its 20.0.380 Hotfix 2.

"Vulnerability research is critical to ensure that potential cyber vulnerabilities in products and services are uncovered and rapidly fixed," BullGuard said in a statement.

"BullGuard has been active in this area and has had an important role in identifying critical vulnerabilities in some of the world's leading IoT devices," it added.

"We welcome feedback if any vulnerabilities are identified in our own products and, as in this case, work closely with independent researchers to quickly fix any relevant issues identified."