Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.
References
Link | Resource |
---|---|
https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848/ | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-1276/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-21-1376/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Bitdefender
Published: 2021-10-12T00:00:00
Updated: 2021-12-03T15:06:06
Reserved: 2021-06-02T00:00:00
Link: CVE-2021-3576
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-28T14:15:08.617
Modified: 2022-04-25T18:05:07.247
Link: CVE-2021-3576
JSON object: View
Redhat Information
No data.