CVE-2023-6154
Local privilege escalation in Bitdefender Total Security (VA-11168)
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.8EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
01 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Bitdefender · Antivirus FreeBitdefender · Antivirus PlusBitdefender · Internet SecurityBitdefender · Total SecurityWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →