Bitdefender Total Security is prone to a local code-execution vulnerability.
A local attacker can leverage this issue to execute arbitrary code in the context of affected application. Failed attempts may lead to denial-of-service conditions.
Bitdefender Total Security 2017 is vulnerable; other versions may also be affected.
Information
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- BitDefender Homepage (BitDefender)
- Bitdefender Total Security 2017 Unquoted Service Path Vulnerability (secur1tyadvisory.wordpress.com)