What is CVE-2021-3579?

CVE-2021-3579 is a vulnerability that allows local attackers to escalate privileges on affected installations of Bitdefender Total Security.

What software products are affected by CVE-2021-3579?

CVE-2021-3579 affects Bitdefender Total Security and Bitdefender Endpoint Security Tools.

How can this vulnerability be exploited?

In order to exploit CVE-2021-3579, an attacker must first obtain the ability to execute low-privileged code on the target system.

What is the severity of CVE-2021-3579?

CVE-2021-3579 has a severity rating of 7.8, which is considered high.

Where can I find more information about CVE-2021-3579?

You can find more information about CVE-2021-3579 on the Bitdefender support website and the Zero Day Initiative advisory.

Vulnerability/
CVE-2021-3579

high

7.8

CWE

276

28/10/2021

3/8/2024

16/9/2024

CVE-2021-3579: (0Day) Bitdefender Total Security Unnecessary Privileges Local Privilege Escalation Vulnerability

First published: Thu Oct 28 2021(Updated: )

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local attacker to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bitdefender Endpoint Security Tools for Windows versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 7.2.1.65.

Credit: cve-requests@bitdefender.com

Affected Software	Affected Version	How to fix
Bitdefender Endpoint Security Tools	<7.2.1.65
Bitdefender Total Security	<7.2.1.65
Bitdefender Total Security

Remedy

An automatic update to Bitdefender Endpoint Security Tools version 7.2.1.65, Bitdefender Total Security version 25.0.26 fixes the issue.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-3579?
CVE-2021-3579 is a vulnerability that allows local attackers to escalate privileges on affected installations of Bitdefender Total Security.
What software products are affected by CVE-2021-3579?
CVE-2021-3579 affects Bitdefender Total Security and Bitdefender Endpoint Security Tools.
How can this vulnerability be exploited?
In order to exploit CVE-2021-3579, an attacker must first obtain the ability to execute low-privileged code on the target system.
What is the severity of CVE-2021-3579?
CVE-2021-3579 has a severity rating of 7.8, which is considered high.
Where can I find more information about CVE-2021-3579?
You can find more information about CVE-2021-3579 on the Bitdefender support website and the Zero Day Initiative advisory.

collector/nvd-index
agent/type
collector/zdi-advisory
source/ZDI
alias/ZDI-21-1276
alias/ZDI-CAN-13967
alias/CVE-2021-3579
alias/CVE-2021-3576
agent/software-canonical-lookup
agent/title
agent/severity
agent/weakness
agent/author
agent/remedy
agent/references
agent/softwarecombine
agent/description
agent/tags
alias/ZDI-21-1277
alias/ZDI-CAN-13968
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/first-publish-date
agent/trending
vendor/bitdefender
canonical/bitdefender endpoint security tools
canonical/bitdefender total security

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.