Link Resolution Privilege Escalation Vulnerability in Bitdefender Antivirus Free (VA-8604)
Publication date: June 5th, 2020
7.2 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Bitdefender Antivirus Free 2020
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 18.104.22.168.
An automatic update to Bitdefender Antivirus Free version 22.214.171.124 or newer fixes the issue.
Ilias Dimopoulos of RedyOps Research Labs