CVE-2021-4199

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.

Published: Mar 7, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-4199
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
bitdefender / total_security	-	26.0.3.29
bitdefender / internet_security	-	26.0.3.29
bitdefender / antivirus_plus	-	26.0.3.29
bitdefender / endpoint_security_tools	-	7.4.3.146

Vulnerability Database

289,782

CVE-2021-4199