Back

Privilege escalation via SeImpersonatePrivilege in Bitdefender Endpoint Security Tools (VA-9848)

Publication date: October 28th, 2021

CVE ID:

CVE-2021-3576

CVSS scrore:

7.8 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected vendors:

Bitdefender

Affected products:

Bitdefender Endpoint Security Tools for Windows; Bitdefender Total Security

Vulnerability details:

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to ‘NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client’s security context.

This issue affects:
Bitdefender Endpoint Security Tools
versions prior to 7.2.1.65.
Bitdefender Total Security
versions prior to 25.0.26.

Additional details:

An automatic update to Bitdefender Endpoint Security Tools version 7.2.1.65, Bitdefender Total Security version 25.0.26 fixes the issue.

Credit:

Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative