Improper Quoting Path Issue in Bitdefender Total Security
CVE-2022-0357

6.7MEDIUM

Key Information:

Vendor: Bitdefender
Status: Total Security; Internet Security; Antivirus Plus
Vendor: CVE Published:; 24 May 2023

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2022-0357?

Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM.

This issue affects:

Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.

Affected Version(s)

Antivirus Plus 26.0.10.45

Internet Security 26.0.10.45

Total Security 26.0.10.45

References

https://www.bitdefender.com/support/security-advisories/i...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 24, 2023
Vulnerability Reserved
Jan 25, 2022