CVE-2021-3641

Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG component of Bitdefender Endpoint Security Tools for Windows allows a local attacker to cause a denial of service. This issue affects: Bitdefender GravityZone version 7.1.2.33 and prior versions.

Published: Nov 9, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-3641
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

CWEs:

CWE-59

Affected Software
References

Software	From	Fixed in
bitdefender / gravityzone	-	7.1.2.33.x

https://www.bitdefender.com/support/security-advisories/improper-link-resolution-before-file-access-in-bitdefender-gravityzone-va-9921
https://www.zerodayinitiative.com/advisories/ZDI-22-143/

Vulnerability Database

289,784

CVE-2021-3641