PT-2025-46315 · Bitdefender · Bitdefender Endpoint Security For Mac
Published
2025-11-11
·
Updated
2025-11-11
·
CVE-2025-5317
CVSS v4.0
6.8
Medium
| Vector | AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Bitdefender Endpoint Security Tools for Mac (BEST) versions prior to 7.20.52.200087
Description
A configuration issue in Bitdefender Endpoint Security Tools for Mac (BEST) allows local users with administrative privileges to bypass the uninstall password protection. Specifically, an unauthorized user with sudo privileges can remove the application directory (/Applications/Endpoint Security for Mac.app/) and associated directories within /Library/Bitdefender/AVP without the required uninstall password.
Recommendations
Update Bitdefender Endpoint Security Tools for Mac (BEST) to version 7.20.52.200087 or later.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bitdefender Endpoint Security For Mac