Endpoint Security Tools Security Vulnerabilities and Issues — Endpoint Security Tools CVE List

Lucene search

BitdefenderEndpoint Security Tools

7 matches found

CVE•added 2021/10/28 2:15 p.m.•50 views

CVE-2021-3579

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Securit...

7.8CVSS7.4AI score0.00077EPSS

CVE•added 2021/05/24 2:15 p.m.•49 views

CVE-2021-3485

An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Security ...

6.6CVSS6.9AI score0.00778EPSS

CVE•added 2021/10/28 2:15 p.m.•47 views

CVE-2021-3576

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security co...

7.8CVSS7.4AI score0.00088EPSS

CVE•added 2021/05/18 11:15 a.m.•33 views

CVE-2020-15279

An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. This issue was discovered during external security research.

4CVSS3.9AI score0.00111EPSS

CVE•added 2021/11/24 4:15 p.m.•32 views

CVE-2021-3554

Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions pri...

10CVSS9.2AI score0.00318EPSS

CVE•added 2021/11/24 4:15 p.m.•29 views

CVE-2021-3553

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an attacker to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions pr...

7.5CVSS6.2AI score0.00222EPSS

CVE•added 2021/11/24 4:15 p.m.•28 views

CVE-2021-3552

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bit...

7.5CVSS6.2AI score0.00212EPSS