Bitdefender Total Security — known CVE vulnerabilities
Every CVE whose affected-product data names Bitdefender Total Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2007-5775 — CVSS 9.8 (critical): Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as…
CVE-2020-8107 — CVSS 8.2 (high): A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product…
CVE-2025-7073 — CVSS 7.8 (high): A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to…
CVE-2018-6183 — CVSS 7.8 (high): BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a…
CVE-2021-3576 — CVSS 7.8 (high): Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to…
CVE-2021-3579 — CVSS 7.8 (high): Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint…
CVE-2021-4199 — CVSS 7.8 (high): Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender…
CVE-2023-6154 — CVSS 7.8 (high): A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus…
CVE-2023-6057 — CVSS 7.4 (high): A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of…
CVE-2023-49570 — CVSS 7.4 (high): A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate…
CVE-2023-6055 — CVSS 7.4 (high): A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly…
CVE-2023-6056 — CVSS 7.4 (high): A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of…
CVE-2017-10950 — CVSS 7.0 (high): This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62…
CVE-2023-6058 — CVSS 6.8 (medium): A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a…
CVE-2023-49567 — CVSS 6.8 (medium): A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the…
CVE-2022-0357 — CVSS 6.7 (medium): Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet…
CVE-2017-6186 — CVSS 6.7 (medium): Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus…
CVE-2019-14242 — CVSS 6.7 (medium): An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool versions prior to 6.6.8.115; and…
CVE-2020-15732 — CVSS 6.5 (medium): Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an…
CVE-2021-4198 — CVSS 6.1 (medium): A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security…