← back
CVE-2022-0357

Improper Quoting Path Issue in Bitdefender Total Security

CVSS 6.7 MEDIUMEPSS 0.2%CWE-428
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.7EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
24 May 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
Bitdefender · Antivirus PlusBitdefender · Internet SecurityBitdefender · Total Security

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security