CVEDB API

Vulnerabilities

Vulnerable Software

Bitdefender: >> Internet Security >> 26.0.10.45 Security Vulnerabilities

CVE-2025-7073

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic link validation, enabling arbitrary file deletion. This issue is chained with a file copy operation during network events and a filter driver bypass via DLL injection to achieve arbitrary file copy and code execution as elevated user.

CVSS Score

8.8

EPSS Score

0.0

Published

2025-12-10

CVE-2007-5775

Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

CVSS Score

9.8

EPSS Score

0.076

Published

2007-11-01

Page 1

Vulnerabilities

Vulnerable Software

Bitdefender: >> Internet Security >> 26.0.10.45 Security Vulnerabilities

Products

Pricing

Contact Us