Known Vulnerabilities for products from Bitdefender
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Bitdefender".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Bitdefender can be found at device.report : Bitdefender
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-7073 | A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged... | Not Provided | 2025-12-10 | 2026-03-31 |
| CVE-2022-0357 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-05-24 | 2023-05-31 |
| CVE-2021-3960 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of... | 7.8 - HIGH | 2021-12-16 | 2021-12-21 |
| CVE-2021-3959 | A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools a... | 7.5 - HIGH | 2021-12-16 | 2021-12-22 |
| CVE-2021-3823 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of... | 9.8 - CRITICAL | 2021-10-28 | 2021-11-03 |
| CVE-2021-3641 | Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Se... | 6.1 - MEDIUM | 2021-11-09 | 2022-02-09 |
| CVE-2021-3579 | Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefe... | 7.8 - HIGH | 2021-10-28 | 2021-11-28 |
| CVE-2021-3576 | Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local att... | 7.8 - HIGH | 2021-10-28 | 2022-04-25 |
| CVE-2021-3554 | Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linu... | 10 - CRITICAL | 2021-11-24 | 2022-04-25 |
| CVE-2021-3553 | A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an a... | 7.5 - HIGH | 2021-11-24 | 2021-11-30 |
| CVE-2021-3552 | A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools a... | 7.5 - HIGH | 2021-11-24 | 2021-12-01 |
| CVE-2021-3485 | An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux all... | 6.6 - MEDIUM | 2021-05-24 | 2023-11-07 |
| CVE-2021-3423 | Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security ... | 7.8 - HIGH | 2021-05-18 | 2021-05-25 |
| CVE-2020-15734 | An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload ca... | 5.5 - MEDIUM | 2021-04-12 | 2021-04-21 |
| CVE-2020-15733 | An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misr... | 6.5 - MEDIUM | 2020-12-14 | 2020-12-16 |
| CVE-2020-15732 | Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security al... | 7.5 - HIGH | 2021-06-22 | 2021-06-29 |
| CVE-2020-15731 | An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an a... | 3.6 - LOW | 2020-09-30 | 2020-10-09 |
| CVE-2020-15297 | Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools ver... | 9.1 - CRITICAL | 2020-11-09 | 2020-11-24 |
| CVE-2020-15294 | Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in mu... | 7 - HIGH | 2020-12-17 | 2020-12-22 |
| CVE-2020-15293 | Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insuffic... | 5.5 - MEDIUM | 2020-12-17 | 2020-12-22 |
Known software with vulnerabilities from Bitdefender
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Bitdefender | Antimalware Software Development Kit | 3.0.1.204 |
| Application | Bitdefender | Antivirus | - |
| Application | Bitdefender | Antivirus 2020 | - |
| Application | Bitdefender | Antivirus For Mac | - |
| Application | Bitdefender | Antivirus Plus | - |
| Hardware | Bitdefender | Box | - |
| Operating System | Bitdefender | Box 2 Firmware | 2.1.47.36 |
| Operating System | Bitdefender | Box Firmware | - |
| Application | Bitdefender | Endpoint Security | - |
| Application | Bitdefender | Endpoint Security Tools | - |
| Application | Bitdefender | Engines | - |
| Application | Bitdefender | Gravityzone | - |
| Application | Bitdefender | Hypervisor Introspection | 1.132.0 |
| Application | Bitdefender | Safepay | 23.0.10.34 |
| Application | Bitdefender | Scan Engines | 7.76662 |
| Application | Bitdefender | Total Security | 21.0.24.62 |
| Application | Bitdefender | Total Security 2020 | - |
| Application | Bitdefender | Update Server | - |