CVE-2023-6154

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
BitdefenderCNA
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
bitdefenderantivirus
27.0.25.114
bitdefenderantivirus_plus
27.0.25.114
bitdefenderinternet_security
27.0.25.114
bitdefendertotal_security
27.0.25.114
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bitdefender.com/support/security-advisories/local-privilege-escalation-in-bitdefender-total-security-va-11168/
https://bitdefender.com/support/security-advisories/local-privilege-escalation-in-bitdefender-total-security-va-11168/