Yes, basically this. On the one hand, being able to parse every protocol and file format under the sun in search of malware means high complexity and a lot of attack surface. On the other hand, being able to read every file, intercept all network traffic, or peek into any process's memory means pretty much the highest system privilege level. Big attack surface and high privilege level are a bad combination.
And regarding the point that the BSI is trying to make here: A high-privilege process with an auto-update channel back home (as modern software tends to have) is basically an extremely powerful backdoor. That's definitely not something you want to have installed across loads of systems across your country's industry and critical infrastructure.
It's funny that they apparently only realize this now. The same reasoning in the article can be used pretty much regardless of the AV's country of origin.