Lucene search
Michael DePlante (@izobashi) of Trend Micro's Zero Day InitiativeZDI-21-1272HistoryOct 28, 2021 - 12:00 a.m.
(0Day) Bitdefender Total Security Unnecessary Privileges Local Privilege Escalation Vulnerability
2021-10-2800:00:00
Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative
www.zerodayinitiative.com
16
bitdefender
total security
privilege escalation
vulnerability
local attackers
low-privileged code
endpoint client
untrusted process
arbitrary code
system
EPSS
0.001
Percentile
17.1%
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the endpoint client. The issue results from allowing an untrusted process to impersonate the client of a pipe. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Related
zdi
zdi
cvelist
cvelist
cve
cve
CVE-2021-3579
2021-10-28 14:15:08
CVE-2021-3576
2021-10-28 14:15:08
nvd
nvd
CVE-2021-3579
2021-10-28 14:15:08
CVE-2021-3576
2021-10-28 14:15:08
prion
prion
Design/Logic Flaw
2021-10-28 14:15:00
Code injection
2021-10-28 14:15:00