HIGH
Bitdefender
CVE published 2025-12-10
CVE-2025-7073
A local privilege escalation vulnerability in Bitdefender Total Security and related products allows low-privileged attackers to elevate privileges through a multi-stage attack chain. The vulnerability stems from improper symbolic link validation in the bdservicehost.exe service, which deletes files from a user-writable directory (C:ProgramDataAtcFeedback) without adequate security checks. This arbitrary [truncated]