CVE-2019-17100

An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.2 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
BitdefenderCNA
5.2 MEDIUM
LOCAL
LOW
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
bitdefendertotal_security_2020
𝑥
< 24.0.12.69
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-bitdefender-total-security-2020-va-5895/
https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-bitdefender-total-security-2020-va-5895/