Vulnerability Details : CVE-2022-0357
Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM.
This issue affects:
Bitdefender Total Security
versions prior to 26.0.10.45.
Bitdefender Internet Security
versions prior to 26.0.10.45.
Bitdefender Antivirus Plus
versions prior to 26.0.10.45.
Products affected by CVE-2022-0357
- cpe:2.3:a:bitdefender:internet_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:bitdefender:total_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:bitdefender:antivirus_plus:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-0357
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-0357
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.7
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
0.8
|
5.9
|
Bitdefender | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2022-0357
-
The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.Assigned by: cve-requests@bitdefender.com (Primary)
References for CVE-2022-0357
-
https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security
Improper Quoting Path Issue in Bitdefender Total Security - BitdefenderVendor Advisory
Jump to