CVE-2023-6154
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD
Description
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This issue affects Total Security: 27.0.25.114; Internet Security: 27.0.25.114; Antivirus Plus: 27.0.25.114; Antivirus Free: 27.0.25.114.
Affected (4)
Products: Bitdefender: Antivirus, Antivirus Plus, Internet Security, Total Security
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 27.0.25.114 | |
| Version 27.0.25.114 | |
| Version 27.0.25.114 | |
| Version 27.0.25.114 |
Related CWEs
CWE-15
External Control of System or Configuration Setting
One or more system settings or configuration elements can be externally controlled by a user.
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
References (2)
Source: cve-requests@bitdefender.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.