970 matches found
Code injection
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security...
Design/Logic Flaw
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint...
Path traversal
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249...
CVE-2021-3823
CVE-2021-3823 is a path-traversal vulnerability in Bitdefender GravityZone UpdateServer (relay mode) that allows arbitrary code execution on vulnerable instances. Affected: Bitdefender GravityZone prior to version 3.3.8.249. Root cause: improper limitation of a pathname to a restricted directory ...
CVE-2021-3823 Path traversal vulnerability in Bitdefender GravitZone Update Server in relay mode
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249...
CVE-2021-3576
CVE-2021-3576 is a local privilege-escalation vulnerability in Bitdefender products (Endpoint Security Tools and Total Security). The root cause is an impersonation flaw where an untrusted process can impersonate the client of a pipe, enabling a local attacker to elevate to NT AUTHORITY\System. A...
CVE-2021-3576 Privilege escalation via SeImpersonatePrivilege
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security...
CVE-2021-3579
CVE-2021-3579 affects Bitdefender Endpoint Security Tools for Windows and Bitdefender Total Security prior to 7.2.1.65. The issue is an Incorrect Default Permissions in the bdservicehost.exe and Vulnerability.Scan.exe components, enabling a local attacker to escalate privileges to NT AUTHORITY\SY...
CVE-2021-3579 Incorrect Default Permissions vulnerability in bdservicehost.exe and Vulnerability.Scan.exe
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint...
(0Day) Bitdefender Total Security Unnecessary Privileges Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
(0Day) Bitdefender Total Security Unnecessary Privileges Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
(0Day) Bitdefender Endpoint Security Unnecessary Privileges Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Endpoint Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Bitdefender GravityZone 路径遍历漏洞
Bitdefender GravityZone Business is a scanning software from Bitdefender, Inc. A path traversal vulnerability exists in Bitdefender GravityZone, which stems from an incorrectly restricted pathname to restricted directory path traversal vulnerability in the UpdateServer component of Bitdefender...
(0Day) Bitdefender Endpoint Security Unnecessary Privileges Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Endpoint Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
Bitdefender Endpoint Security Tool 安全漏洞
Bitdefender Endpoint Security Tool is an endpoint security management tool from the Romanian company Bitdefender. Bitdefender Endpoint Security Tool A security vulnerability exists in the Bitdefender Endpoint Security Tool that stems from an incorrect default privilege vulnerability in the...
Total Security 安全漏洞
K7 Computing Total Security is a suite of antivirus software for the Windows platform from K7 Computing. A security vulnerability exists in Total Security that stems from an unwanted privilege enforcement vulnerability in the Bitdefender Endpoint Security tool, which allows a local attacker to...
Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named...
CVE-2021-3576
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security...
CVE-2021-3579
Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint...
The Top Ransomware Threats Aren’t Who You Think
While there seem to be legions of ransomware gangs, it turns out that just a handful of ransomware-as-a-service RaaS actors dominate the entire ecosystem of encryption-attack threats. In fact, just three ransomware families, none of them household names, make up 64 percent of all threats detected...