Bitdefender has patched a vulnerability across its popular products like Internet Security, Antivirus Plus, Total Security, and Antivirus Free, addressing potential privilege escalation issues. This vulnerability could grant attackers system access, enabling data theft, root access, malware installation, and system interference.
Bitdefender Security Privilege Escalation Vulnerability
CVE-2023-6154 – Local Privilege Escalation
Tracked as CVE-2023-6154, this vulnerability in Bitdefender Antivirus Plus, Antivirus Free, Total Security, and Internet Security’s seccenter.exe poses a significant risk with a CVSS score of 7.8.
This enables attackers to alter the intended behavior of the product, potentially loading a third-party library during execution. Consequently, this can lead to privilege escalation, granting attackers full control over the targeted system.
It reports a configuration setting issue in seccenter.exe, utilized in Bitdefender Total Security, Internet Security, Antivirus Plus, and Antivirus Free. This flaw enables attackers to alter the expected behavior of the product and potentially load a third-party library during execution.
Affected Products
- Total Security: 27.0.25.114
- Internet Security: 27.0.25.114
- Antivirus Plus: 27.0.25.114
- Antivirus Free: 27.0.25.114
The issue has been resolved through an automatic update to version 27.0.25.115.
Recommendation
Ensure your system’s security by updating your Bitdefender software. Here’s how:
- Open the Bitdefender software.
- Navigate to the “Update” section.
- Check for available updates and install them if necessary.
To mitigate this vulnerability, it’s recommended to apply the patch as soon as possible.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment