CVE-2019-17099

MEDIUM

Bitdefender Endpoint Security Tools < 6.6.11.163 - Untrusted Search Path in EPSecurityService.exe

Title source: llm

Description

An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions prior to 6.6.11.163.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.bitdefender.com/support/security-advisories/untrusted-search-path-vulnerability-epsecurityservice-exe-va-3500/

Scores

CVSS v3 5.3

EPSS 0.0065

EPSS Percentile 46.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L

Details

CWE

CWE-426

Status published

Products (1)

bitdefender/endpoint_security_tools < 6.6.11.163

Published Jan 27, 2020

Tracked Since Feb 18, 2026