CWE
476
Advisory Published
Updated
Advisory Published

CVE-2021-4198: Bitdefender Total Security Link Following Denial-of-Service Vulnerability

First published: Sat Feb 05 2022(Updated: )

A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.

Credit: cve-requests@bitdefender.com

Affected SoftwareAffected VersionHow to fix
Bitdefender Antivirus Plus<26.0.3.29
Bitdefender Endpoint Security Tools<7.2.2.92
BitDefender Internet Security<26.0.3.29
Bitdefender Total Security<26.0.3.29
Bitdefender VPN Standalone<25.5.0.48
Bitdefender Total Security

Remedy

An automatic update to these new product versions fixes the issue: - Bitdefender Total Security version 26.0.3.29 - Bitdefender Internet Security version 26.0.3.29 - Bitdefender Antivirus Plus version 26.0.3.29 - Bitdefender VPN Standalone version 25.5.0.48 - Bitdefender Endpoint Security Tools version 7.2.2.92

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2021-4198?

    CVE-2021-4198 is a NULL Pointer Dereference vulnerability in Bitdefender Total Security and other Bitdefender products.

  • How does CVE-2021-4198 affect Bitdefender Total Security?

    CVE-2021-4198 allows an attacker to crash product processes and generate crashdump files in Bitdefender Total Security.

  • What is the severity of CVE-2021-4198?

    CVE-2021-4198 has a severity rating of 6.1 (Medium).

  • How can I fix CVE-2021-4198 vulnerability in Bitdefender Total Security?

    To fix the CVE-2021-4198 vulnerability, users should update Bitdefender Total Security and affected Bitdefender products to the latest version available.

  • Are there any references for CVE-2021-4198?

    Yes, you can find references for CVE-2021-4198 at the following links: [Reference 1](https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/) and [Reference 2](https://www.zerodayinitiative.com/advisories/ZDI-22-483/).

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203