CVE-2023-6154

HIGH

Bitdefender Antivirus 27.0.25.114 - Uncontrolled Search Path Element in seccenter.exe

Title source: llm

Description

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114.

References (1)

Core 1

Core References

Vendor Advisory

https://bitdefender.com/support/security-advisories/local-privilege-escalation-in-bitdefender-total-security-va-11168/

Scores

CVSS v3 7.8

EPSS 0.0020

EPSS Percentile 9.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-15 CWE-610

Status published

Products (4)

bitdefender/antivirus 27.0.25.114

bitdefender/antivirus_plus 27.0.25.114

bitdefender/internet_security 27.0.25.114

bitdefender/total_security 27.0.25.114

Published Apr 01, 2024

Tracked Since Feb 18, 2026