Known Vulnerabilities for products from Bitdefender
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Bitdefender".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Bitdefender can be found at device.report : Bitdefender
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-7073 json | A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged... | Not Provided | 2025-12-10 | 2026-03-31 |
| CVE-2023-3633 json | An out-of-bounds write vulnerability in Bitdefender Engines on Windows causes the engine to crash. This issue affects Bitde... | 7.5 - HIGH | 2023-07-14 | 2023-07-27 |
| CVE-2022-3369 json | An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allo... | 5.5 - MEDIUM | 2022-11-01 | 2023-11-07 |
| CVE-2022-2830 json | Deserialization of Untrusted Data vulnerability in the message processing component of Bitdefender GravityZone Console allows... | 9.8 - CRITICAL | 2022-09-05 | 2022-09-09 |
| CVE-2022-0677 json | Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Secu... | 7.5 - HIGH | 2022-04-07 | 2022-04-14 |
| CVE-2022-0357 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2023-05-24 | 2023-05-31 |
| CVE-2021-4199 json | Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in B... | 7.8 - HIGH | 2022-03-07 | 2022-03-11 |
| CVE-2021-4198 json | A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet S... | 6.1 - MEDIUM | 2022-03-07 | 2022-03-11 |
| CVE-2021-3960 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of... | 7.8 - HIGH | 2021-12-16 | 2021-12-21 |
| CVE-2021-3959 json | A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools a... | 7.5 - HIGH | 2021-12-16 | 2021-12-22 |
| CVE-2021-3823 json | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of... | 9.8 - CRITICAL | 2021-10-28 | 2021-11-03 |
| CVE-2021-3641 json | Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Se... | 6.1 - MEDIUM | 2021-11-09 | 2022-02-09 |
| CVE-2021-3579 json | Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefe... | 7.8 - HIGH | 2021-10-28 | 2021-11-28 |
| CVE-2021-3576 json | Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local att... | 7.8 - HIGH | 2021-10-28 | 2022-04-25 |
| CVE-2021-3554 json | Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linu... | 10 - CRITICAL | 2021-11-24 | 2022-04-25 |
| CVE-2021-3553 json | A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an a... | 7.5 - HIGH | 2021-11-24 | 2021-11-30 |
| CVE-2021-3552 json | A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools a... | 7.5 - HIGH | 2021-11-24 | 2021-12-01 |
| CVE-2021-3485 json | An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux all... | 6.6 - MEDIUM | 2021-05-24 | 2023-11-07 |
| CVE-2021-3423 json | Uncontrolled Search Path Element vulnerability in the openssl component as used in Bitdefender GravityZone Business Security ... | 7.8 - HIGH | 2021-05-18 | 2021-05-25 |
| CVE-2020-15734 json | An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload ca... | 5.5 - MEDIUM | 2021-04-12 | 2021-04-21 |
Known software with vulnerabilities from Bitdefender
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Bitdefender | Antimalware Software Development Kit | 3.0.1.204 |
| Application | Bitdefender | Antivirus | - |
| Application | Bitdefender | Antivirus 2020 | - |
| Application | Bitdefender | Antivirus For Mac | - |
| Application | Bitdefender | Antivirus Plus | - |
| Hardware | Bitdefender | Box | - |
| Operating System | Bitdefender | Box 2 Firmware | 2.1.47.36 |
| Operating System | Bitdefender | Box Firmware | - |
| Application | Bitdefender | Endpoint Security | - |
| Application | Bitdefender | Endpoint Security Tools | - |
| Application | Bitdefender | Engines | - |
| Application | Bitdefender | Gravityzone | - |
| Application | Bitdefender | Hypervisor Introspection | 1.132.0 |
| Application | Bitdefender | Safepay | 23.0.10.34 |
| Application | Bitdefender | Scan Engines | 7.76662 |
| Application | Bitdefender | Total Security | 2018 |
| Application | Bitdefender | Total Security 2020 | - |
| Application | Bitdefender | Update Server | - |