CVE-2021-4199

CVE-2021-4199 is a local privilege-escalation flaw in Bitdefender products where BDReinit.exe’s crash-handling component suffers incorrect permission assignment for a critical resource, enabling a local attacker to escalate to SYSTEM. Affected are Bitdefender Total Security, Internet Security, An...

CVE-2021-4198

CVE-2021-4198 is a NULL pointer dereference in Bitdefender’s messaging_ipc.dll affecting multiple Bitdefender products. Affected versions include Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, and VPN Standalone, with vulnerable build dates prior to 26.0.3.29 (and End...

CVE-2021-4198 messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016)

A NULL Pointer Dereference vulnerability in the messagingipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects:...

Bitdefender Total Security 代码问题漏洞

Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The program features antivirus, firewall, anti-spyware, privacy control, parental control. It also includes features such as System TuneUp. A security vulnerability exists in...

Bitdefender Internet Security 安全漏洞

Bitdefender Internet Security is a suite of antivirus software from the Romanian company Bitdefender that focuses on Internet security. A security vulnerability exists in Bitdefender Internet Security, which allows remote attackers to exploit the vulnerability to escalate local privileges to the...

Vulnerabilities fixed in Bitdefender products

Vulnerabilities have been fixed in Bitdefender products. The vulnerabilities allow a local malicious agent to cause a denial-of-service or to obtain elevated privileges. obtained. Bitdefender has released updates to address the vulnerabilities. fixes. More information can be found on the pages...

TeaBot Android Banking Malware Spreads Again Through Google Play Store Apps

An Android banking trojan designed to steal credentials and SMS messages has been observed once again sneaking past Google Play Store protections to target users of more than 400 banking and financial apps, including those from Russia, China, and the U.S. "TeaBot RAT capabilities are achieved via...

Creaky Old WannaCry, GandCrab Top the Ransomware Scene

What’s old in ransomware is new again. Or, more accurately, never really went away. New analysis shows that for a years-old malware, WannaCry is still a viciously active pest. The self-propagating ransomware cryptoworm that’s been parasitizing victims since 2017 was the top most detected ransomwa...

CVE-2020-8107

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions pri...

CVE-2020-8107

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions pri...

Design/Logic Flaw

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions pri...

CVE-2020-8107

The CVE-2020-8107 entry concerns a vulnerability in Bitdefender Antivirus Plus (ProductAgentUI.exe) where a specially crafted DLL can tamper with product settings. Affected products are Bitdefender Antivirus Plus, Internet Security, and Total Security with versions prior to 24.0.26.136. The root ...

CVE-2020-8107 Process Control vulnerability in Bitdefender Antivirus Plus

A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bitdefender Antivirus Plus versions prior to 24.0.26.136. Bitdefender Internet Security versions pri...

Bitdefender Antivirus Plus 安全漏洞

Bitdefender Antivirus Plus is a suite of antivirus software from the Romanian company Bitdefender that primarily provides cyber threat detection and ransomware protection. A security vulnerability exists in Bitdefender Antivirus Plus, which originates from a process control vulnerability in...

CVE-2021-4199

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...

CVE-2021-4198

A NULL Pointer Dereference vulnerability in the messagingipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects:...

Bitdefender GravityZone Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Bitdefender GravityZone. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

Threat Actors Blanket Androids with Flubot, Teabot Campaigns

Researchers have discovered a raft of active campaigns delivering the Flubot and Teabot trojans through a variety of delivery methods, with threat actors using smishing and malicious Google Play apps to target victims with fly-by attacks in various regions across the globe. Researchers from...

The vulnerability of Bitdefender Total Security and Bitdefender Endpoint Security Tools’ anti-virus protection mechanisms, related to errors in access control, allows attackers to escalate their privileges.

The vulnerability of Bitdefender Total Security and Bitdefender Endpoint Security Tools BEST lies in errors related to access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the EPPUpdateService service in the BitDefender Endpoint Security Tools antivirus protection tool allows a hacker to disclose protected information.

The vulnerability of the EPPUpdateService service in the BitDefender Endpoint Security Tools antivirus protection tool is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...