Vulnerability Details CVE-2021-3576
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1276/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1376/
- https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1276/
- https://www.zerodayinitiative.com/advisories/ZDI-21-1376/
Products affected by CVE-2021-3576
-
cpe:2.3:a:bitdefender:endpoint_security_tools:-
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.155
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.171
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.2.21.18
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.11.163
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.12.170
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.18.261
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.23.320
-
cpe:2.3:a:bitdefender:endpoint_security_tools:6.6.8.115
-
cpe:2.3:a:bitdefender:total_security:-
-
cpe:2.3:a:bitdefender:total_security:12.0
-
cpe:2.3:a:bitdefender:total_security:21.0.24.62
-
cpe:2.3:a:bitdefender:total_security:23.0.24.120
-
cpe:2.3:a:bitdefender:total_security:24.0.26.136
-
cpe:2.3:a:bitdefender:total_security:25.0.7.29
-
cpe:2.3:a:bitdefender:total_security:7.2.1.65