First published: Sat Feb 05 2022(Updated: )
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.
Credit: cve-requests@bitdefender.com
Affected Software | Affected Version | How to fix |
---|---|---|
Bitdefender Antivirus Plus | <26.0.3.29 | |
Bitdefender Endpoint Security Tools | <7.2.2.92 | |
BitDefender Internet Security | <26.0.3.29 | |
Bitdefender Total Security | <26.0.3.29 | |
Bitdefender VPN Standalone | <25.5.0.48 | |
Bitdefender Total Security |
An automatic update to these new product versions fixes the issue: - Bitdefender Total Security version 26.0.3.29 - Bitdefender Internet Security version 26.0.3.29 - Bitdefender Antivirus Plus version 26.0.3.29 - Bitdefender VPN Standalone version 25.5.0.48 - Bitdefender Endpoint Security Tools version 7.2.2.92
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-4198 is a NULL Pointer Dereference vulnerability in Bitdefender Total Security and other Bitdefender products.
CVE-2021-4198 allows an attacker to crash product processes and generate crashdump files in Bitdefender Total Security.
CVE-2021-4198 has a severity rating of 6.1 (Medium).
To fix the CVE-2021-4198 vulnerability, users should update Bitdefender Total Security and affected Bitdefender products to the latest version available.
Yes, you can find references for CVE-2021-4198 at the following links: [Reference 1](https://www.bitdefender.com/support/security-advisories/messaging_ipc-dll-null-pointer-dereference-in-multiple-bitdefender-products-va-10016/) and [Reference 2](https://www.zerodayinitiative.com/advisories/ZDI-22-483/).