CVE-2025-7073

Published: Dec 10, 2025

Modified: Mar 31, 2026

PUBLISHED

Description

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic link validation, enabling arbitrary file deletion. This issue is chained with a file copy operation during network events and a filter driver bypass via DLL injection to achieve arbitrary file copy and code execution as an elevated user.

Vendor | Product | Versions
Bitdefender | Total Security | affected: 0 - < 27.0.47.241
Bitdefender | Internet Security | affected: 0 - < 27.0.47.241
Bitdefender | Antivirus Plus | affected: 0 - < 27.0.47.241

Weaknesses (CWE)
