CVE-2025-7073

by Fred · 10/12/2025

A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:ProgramDataAtcFeedback) without proper symbolic link validation, enabling arbitrary file deletion. This issue is chained with a file copy operation during network events and a filter driver bypass via DLL injection to achieve arbitrary file copy and code execution as elevated user.

More information : https://www.bitdefender.com/support/security-advisories/local-privilege-escalation-via-arbitrary-file-operation-in-bitdefender-atc-va-12590

CVE-2025-7073

Similar

Recent Posts

Categories

CVE-2025-7073

Share this:

Similar

Recent Posts

Categories

Tags