CVE-2021-4198 - OpenCVE

A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:N/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Bitdefender	Endpoint Security Tools Antivirus Plus Total Security Internet Security Vpn Standalone

Configuration 1 [-]

OR	cpe:2.3:a:bitdefender:antivirus_plus::::::::
	cpe:2.3:a:bitdefender:endpoint_security_tools::::::::
	cpe:2.3:a:bitdefender:internet_security::::::::
	cpe:2.3:a:bitdefender:total_security::::::::
	cpe:2.3:a:bitdefender:vpn_standalone::::::::

References

Link	Resource
https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/	Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-22-483/	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Bitdefender

Published: 2022-02-05T00:00:00

Updated: 2022-03-09T10:06:06

Reserved: 2022-01-04T00:00:00

Link: CVE-2021-4198

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-03-07T12:15:07.967

Modified: 2022-03-11T19:18:56.547

Link: CVE-2021-4198

JSON object: View

Redhat Information

No data.

CWE

CWE-476

{"containers": {"cna": {"affected": [{"product": "Total Security", "vendor": "Bitdefender", "versions": [{"lessThan": "26.0.3.29", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Internet Security", "vendor": "Bitdefender", "versions": [{"lessThan": "26.0.3.29", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Antivirus Plus", "vendor": "Bitdefender", "versions": [{"lessThan": "26.0.3.29", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "Endpoint Security Tools", "vendor": "Bitdefender", "versions": [{"lessThan": "7.2.2.92", "status": "affected", "version": "unspecified", "versionType": "custom"}]}, {"product": "VPN Standalone", "vendor": "Bitdefender", "versions": [{"lessThan": "25.5.0.48", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative"}], "datePublic": "2022-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-03-09T10:06:06", "orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "shortName": "Bitdefender"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-483/"}], "solutions": [{"lang": "en", "value": "An automatic update to these new product versions fixes the issue:\n \n- Bitdefender Total Security version 26.0.3.29\n- Bitdefender Internet Security version 26.0.3.29\n- Bitdefender Antivirus Plus version 26.0.3.29\n- Bitdefender VPN Standalone version 25.5.0.48\n- Bitdefender Endpoint Security Tools version 7.2.2.92"}], "source": {"defect": ["VA-10016"], "discovery": "EXTERNAL"}, "title": "messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016) ", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-requests@bitdefender.com", "DATE_PUBLIC": "2022-02-05T10:00:00.000Z", "ID": "CVE-2021-4198", "STATE": "PUBLIC", "TITLE": "messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016) "}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Total Security", "version": {"version_data": [{"version_affected": "<", "version_value": "26.0.3.29"}]}}, {"product_name": "Internet Security", "version": {"version_data": [{"version_affected": "<", "version_value": "26.0.3.29"}]}}, {"product_name": "Antivirus Plus", "version": {"version_data": [{"version_affected": "<", "version_value": "26.0.3.29"}]}}, {"product_name": "Endpoint Security Tools", "version": {"version_data": [{"version_affected": "<", "version_value": "7.2.2.92"}]}}, {"product_name": "VPN Standalone", "version": {"version_data": [{"version_affected": "<", "version_value": "25.5.0.48"}]}}]}, "vendor_name": "Bitdefender"}]}}, "credit": [{"lang": "eng", "value": "Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-476 NULL Pointer Dereference"}]}]}, "references": {"reference_data": [{"name": "https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/", "refsource": "MISC", "url": "https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-483/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-483/"}]}, "solution": [{"lang": "en", "value": "An automatic update to these new product versions fixes the issue:\n \n- Bitdefender Total Security version 26.0.3.29\n- Bitdefender Internet Security version 26.0.3.29\n- Bitdefender Antivirus Plus version 26.0.3.29\n- Bitdefender VPN Standalone version 25.5.0.48\n- Bitdefender Endpoint Security Tools version 7.2.2.92"}], "source": {"defect": ["VA-10016"], "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82", "assignerShortName": "Bitdefender", "cveId": "CVE-2021-4198", "datePublished": "2022-02-05T00:00:00", "dateReserved": "2022-01-04T00:00:00", "dateUpdated": "2022-03-09T10:06:06", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bitdefender:antivirus_plus:*:*:*:*:*:*:*:*", "matchCriteriaId": "94032C6C-01E2-4D3F-B246-83A1556F2AF7", "versionEndExcluding": "26.0.3.29", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:*:*:*", "matchCriteriaId": "120935AC-9425-4290-A884-FA262EA40618", "versionEndExcluding": "7.2.2.92", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:internet_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF10043E-56F8-427B-8146-343B5A717DAA", "versionEndExcluding": "26.0.3.29", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:total_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "F45EBE44-B7F4-4056-B4CA-07B8762B0E14", "versionEndExcluding": "26.0.3.29", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:vpn_standalone:*:*:*:*:*:*:*:*", "matchCriteriaId": "273355BC-4B2E-4AAC-80C6-433C1CFC69AC", "versionEndExcluding": "25.5.0.48", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48."}, {"lang": "es", "value": "Una vulnerabilidad de Desreferencia de Puntero NULL en el componente messaging_ipc.dll utilizado en Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools y VPN Standalone permite a un atacante bloquear arbitrariamente los procesos del producto y generar archivos crashdump. Este problema afecta a: Las versiones de Bitdefender Total Security anteriores a la 26.0.3.29. Las versiones de Bitdefender Internet Security anteriores a la 26.0.3.29. Las versiones de Bitdefender Antivirus Plus anteriores a la 26.0.3.29. Versiones de Bitdefender Endpoint Security Tools anteriores a la 7.2.2.92. Versiones de Bitdefender VPN Standalone anteriores a la 25.5.0.48."}], "id": "CVE-2021-4198", "lastModified": "2022-03-11T19:18:56.547", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}, "published": "2022-03-07T12:15:07.967", "references": [{"source": "cve-requests@bitdefender.com", "tags": ["Vendor Advisory"], "url": "https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/"}, {"source": "cve-requests@bitdefender.com", "tags": ["Third Party Advisory"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-22-483/"}], "sourceIdentifier": "cve-requests@bitdefender.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "cve-requests@bitdefender.com", "type": "Secondary"}]}