CVE-2025-5317
MEDIUM
5.5
Our Analysis: General-Purpose
Our model has classified this vulnerability as relevant to General-Purpose Systems, helping your team prioritize efforts effectively.
Published Date
November 11, 2025
Last Modified
December 8, 2025
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Description
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac (BEST) before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the application directory (/Applications/Endpoint Security for Mac.app/) and the related directories within /Library/Bitdefender/AVP without needing the uninstall password.