Vulnerability Description
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitdefender | Endpoint Security Tools | < 7.2.1.65 |
| Bitdefender | Total Security | < 7.2.1.65 |
Related Weaknesses (CWE)
References
- https://www.bitdefender.com/support/security-advisories/incorrect-default-permisVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-1277/Third Party AdvisoryVDB Entry
- https://www.bitdefender.com/support/security-advisories/incorrect-default-permisVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-21-1277/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2021-3579?
CVE-2021-3579 is a vulnerability with a CVSS score of 7.8 (HIGH). Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local att...
How severe is CVE-2021-3579?
CVE-2021-3579 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-3579?
Check the references section above for vendor advisories and patch information. Affected products include: Bitdefender Endpoint Security Tools, Bitdefender Total Security.