Unrated severityNVD Advisory· Published Nov 11, 2025· Updated Nov 12, 2025

Improper access restriction to critical folder in Bitdefender Endpoint Security Tools for Mac

CVE-2025-5317

Description

An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac (BEST) before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the application directory (/Applications/Endpoint Security for Mac.app/) and the related directories within /Library/Bitdefender/AVP without needing the uninstall password.

Affected products

Bitdefender/Endpoint Security Tools for Macllm-create
Range: <7.20.52.200087
Bitdefender/Endpoint Security Tools for Macv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.bitdefender.com/support/security-advisories/improper-access-restriction-to-critical-folder-in-bitdefender-endpoint-security-tools-for-mac/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000