{ "document" : { "aggregate_severity" : { "text" : "mittel" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Bitdefender Antivirus ist eine Anti-Virus, Anti-Spyware und Anti-Malware Lösung.\r\nBitdefender Total Security ist eine Anti-Virus, Anti-Spyware, Anti-Malware und Anti-Spam Lösung.\r\nBitdefender Internet Security ist eine Anti-Virus, Anti-Spyware, Anti-Malware und Anti-Spam Lösung.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein lokaler Angreifer kann eine Schwachstelle in Bitdefender Antivirus, Bitdefender Total Security und Bitdefender Internet Security ausnutzen, um seine Berechtigungen zu erweitern. Die Schwachstelle kann mit anderen Schwachstellen kombiniert werden, um Codeausführungen mit erweiterten Berechtigungen und das Kopieren beliebiger Dateien zu erreichen.", "title" : "Angriff" }, { "category" : "general", "text" : "- Sonstiges\n- UNIX\n- Windows", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2025-2810 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2810.json" }, { "category" : "self", "summary" : "WID-SEC-2025-2810 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2810" }, { "category" : "external", "summary" : "Bitdefender Security Advisory CVE-2025-7073 vom 2025-12-09", "url" : "https://www.bitdefender.com/support/security-advisories/local-privilege-escalation-via-arbitrary-file-operation-in-bitdefender-atc-va-12590/" } ], "source_lang" : "en-US", "title" : "Bitdefender Antivirus, Total Security und Internet Security: Schwachstelle ermöglicht Privilegieneskalation", "tracking" : { "current_release_date" : "2025-12-10T23:00:00.000+00:00", "generator" : { "date" : "2025-12-11T09:45:34.259+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.5.0" } }, "id" : "WID-SEC-W-2025-2810", "initial_release_date" : "2025-12-09T23:00:00.000+00:00", "revision_history" : [ { "date" : "2025-12-09T23:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" }, { "date" : "2025-12-10T23:00:00.000+00:00", "number" : "2", "summary" : "Referenz(en) aufgenommen: EUVD-2025-202416" } ], "status" : "final", "version" : "2" } }, "product_tree" : { "branches" : [ { "branches" : [ { "branches" : [ { "category" : "product_version_range", "name" : "Plus <27.0.46.231", "product" : { "name" : "Bitdefender Antivirus Plus <27.0.46.231", "product_id" : "T049303" } }, { "category" : "product_version", "name" : "Plus 27.0.46.231", "product" : { "name" : "Bitdefender Antivirus Plus 27.0.46.231", "product_id" : "T049303-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:bitdefender:antivirus:plus__27.0.46.231" } } }, { "category" : "product_version_range", "name" : "Free versions <30.0.25.77", "product" : { "name" : "Bitdefender Antivirus Free versions <30.0.25.77", "product_id" : "T049304" } }, { "category" : "product_version_range", "name" : "Free versions 30.0.25.77", "product" : { "name" : "Bitdefender Antivirus Free versions 30.0.25.77", "product_id" : "T049304-fixed" } } ], "category" : "product_name", "name" : "Antivirus" }, { "branches" : [ { "category" : "product_version_range", "name" : "<27.0.46.231", "product" : { "name" : "Bitdefender Internet Security <27.0.46.231", "product_id" : "T049306" } }, { "category" : "product_version", "name" : "27.0.46.231", "product" : { "name" : "Bitdefender Internet Security 27.0.46.231", "product_id" : "T049306-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:bitdefender:internet_security:27.0.46.231" } } } ], "category" : "product_name", "name" : "Internet Security" }, { "branches" : [ { "category" : "product_version_range", "name" : "<27.0.46.231", "product" : { "name" : "Bitdefender Total Security <27.0.46.231", "product_id" : "T049305" } }, { "category" : "product_version", "name" : "27.0.46.231", "product" : { "name" : "Bitdefender Total Security 27.0.46.231", "product_id" : "T049305-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:bitdefender:total_security:27.0.46.231" } } } ], "category" : "product_name", "name" : "Total Security" } ], "category" : "vendor", "name" : "Bitdefender" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2025-7073", "product_status" : { "known_affected" : [ "T049306", "T049305", "T049304", "T049303" ] }, "release_date" : "2025-12-09T23:00:00.000+00:00", "title" : "CVE-2025-7073" } ] }