CVE-2022-0357

Published: May 24, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45.

Affected (3)

Products: Bitdefender: Antivirus Plus, Internet Security, Total Security

3 products

Internet Security

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Bitdefender Antivirus Plus	Before 26.0.10.45
Bitdefender Internet Security	Before 26.0.10.45
Bitdefender Total Security	Before 26.0.10.45

Related CWEs

Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

References (2)

https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security

Source: cve-requests@bitdefender.com

Vendor Advisory

https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.