Total Security
Monthly
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. [CVSS 7.8 HIGH]
Bitdefender Total Security, Antivirus, Internet Security, and Endpoint Security Tools prior to version 27.0.47.241 allow local attackers with low privileges to execute arbitrary code as SYSTEM through a complex attack chain. The bdservicehost.exe service deletes files from C:\ProgramData\Atc\Feedback without validating symbolic links (CWE-59), enabling arbitrary file deletion that attackers chain with network-triggered file copy operations and filter driver bypass via DLL injection to achieve full privilege escalation. EPSS indicates 0.02% exploitation probability (6th percentile), and no public exploit code or active exploitation has been identified at time of analysis. Vendor has released patches addressing this multi-stage local escalation vector.
A vulnerability exists in Quick Heal Total Security 23.0.0 in the quarantine management component where insufficient validation of restore paths and improper permission handling allow a low-privileged local user to restore quarantined files into protected system directories. [CVSS 7.8 HIGH]
Bitdefender Total Security, Antivirus, Internet Security, and Endpoint Security Tools prior to version 27.0.47.241 allow local attackers with low privileges to execute arbitrary code as SYSTEM through a complex attack chain. The bdservicehost.exe service deletes files from C:\ProgramData\Atc\Feedback without validating symbolic links (CWE-59), enabling arbitrary file deletion that attackers chain with network-triggered file copy operations and filter driver bypass via DLL injection to achieve full privilege escalation. EPSS indicates 0.02% exploitation probability (6th percentile), and no public exploit code or active exploitation has been identified at time of analysis. Vendor has released patches addressing this multi-stage local escalation vector.