CVE-2025-7073 HIGH

CVE-2025-7073: Local Privilege Escalation via Arbitrary File Operation in Bitdefender Total Security

Vendor Bitdefender
Product Total Security
Weakness CWE-59
Published December 10, 2025
Last update March 31, 2026

CVSS base score

8.8/10
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to elevate privileges. The issue arises from bdservicehost.exe deleting files from a user-writable directory (C:\ProgramData\Atc\Feedback) without proper symbolic link validation, enabling arbitrary file deletion. This issue is chained with a file copy operation during network events and a filter driver bypass via DLL injection to achieve arbitrary file copy and code execution as elevated user.

Key dates

02Disclosure timeline

December 10, 2025 CVE published
March 31, 2026 Record updated