Vulnerability Description
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitdefender | Antivirus Plus | < 26.0.3.29 |
| Bitdefender | Endpoint Security Tools | < 7.4.3.146 |
| Bitdefender | Internet Security | < 26.0.3.29 |
| Bitdefender | Total Security | < 26.0.3.29 |
Related Weaknesses (CWE)
References
- https://www.bitdefender.com/support/security-advisories/incorrect-permission-assVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-22-484/Third Party Advisory
- https://www.bitdefender.com/support/security-advisories/incorrect-permission-assVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-22-484/Third Party Advisory
FAQ
What is CVE-2021-4199?
CVE-2021-4199 is a vulnerability with a CVSS score of 7.8 (HIGH). Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Secu...
How severe is CVE-2021-4199?
CVE-2021-4199 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-4199?
Check the references section above for vendor advisories and patch information. Affected products include: Bitdefender Antivirus Plus, Bitdefender Endpoint Security Tools, Bitdefender Internet Security, Bitdefender Total Security.