Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.
References
Link | Resource |
---|---|
https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848/ | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1277/ | Third Party Advisory VDB Entry |
https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848/ | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1277/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:21
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848/ - Vendor Advisory | |
References | () https://www.zerodayinitiative.com/advisories/ZDI-21-1277/ - Third Party Advisory, VDB Entry |
28 Nov 2021, 23:24
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1277/ - Third Party Advisory, VDB Entry |
17 Nov 2021, 22:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Nov 2021, 01:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Nov 2021, 17:57
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
References | (MISC) https://www.bitdefender.com/support/security-advisories/incorrect-default-permissions-vulnerability-in-bdservicehost-exe-and-vulnerability-scan-exe-va-9848/ - Vendor Advisory | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-21-1277/ - Third Party Advisory | |
CWE | CWE-276 | |
CPE | cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:windows:*:* cpe:2.3:a:bitdefender:total_security:*:*:*:*:*:*:*:* |
03 Nov 2021, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Oct 2021, 14:26
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-10-28 14:15
Updated : 2024-11-21 06:21
NVD link : CVE-2021-3579
Mitre link : CVE-2021-3579
CVE.ORG link : CVE-2021-3579
JSON object : View
Products Affected
bitdefender
- total_security
- endpoint_security_tools
CWE
CWE-276
Incorrect Default Permissions