CVE-2022-0357

{"id": "CVE-2022-0357", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve-requests@bitdefender.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-05-24T08:15:08.957", "references": [{"url": "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security", "tags": ["Vendor Advisory"], "source": "cve-requests@bitdefender.com"}, {"url": "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cve-requests@bitdefender.com", "description": [{"lang": "en", "value": "CWE-428"}]}], "descriptions": [{"lang": "en", "value": "Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM.\n\nThis issue affects:\n\nBitdefender Total Security\nversions prior to 26.0.10.45.\nBitdefender Internet Security\nversions prior to 26.0.10.45.\nBitdefender Antivirus Plus\nversions prior to 26.0.10.45."}], "lastModified": "2024-11-21T06:38:26.993", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bitdefender:antivirus_plus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF0B6471-635E-483D-9BC5-DBDD00C9B90C", "versionEndExcluding": "26.0.10.45"}, {"criteria": "cpe:2.3:a:bitdefender:internet_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE68669B-FBEC-4060-B97A-845BA269B8ED", "versionEndExcluding": "26.0.10.45"}, {"criteria": "cpe:2.3:a:bitdefender:total_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02A583B6-D71B-4F97-AC44-362F8D1008FB", "versionEndExcluding": "26.0.10.45"}], "operator": "OR"}]}], "sourceIdentifier": "cve-requests@bitdefender.com"}