CVE-2025-7073
Description
A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic link validation, enabling arbitrary file deletion. This issue is chained with a file copy operation during network events and a filter driver bypass via DLL injection to achieve arbitrary file copy and code execution as elevated user.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.
✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| bitdefender | antivirus | {"endExcluding":"30.0.25.77"} | 30.0.25.77 |
| bitdefender | antivirus_plus | {"endExcluding":"27.0.47.241"} | 27.0.47.241 |
| bitdefender | endpoint_security_tools | {"endExcluding":"7.9.20.515"} | 7.9.20.515 |
| bitdefender | internet_security | {"endExcluding":"27.0.47.241"} | 27.0.47.241 |
| bitdefender | total_security | {"endExcluding":"27.0.47.241"} | 27.0.47.241 |
References
CWEs
CWE-59
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.