bitdefender endpoint security tools vulnerabilities and exploits

(subscribe to this query)

10

CVSSv3

Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an malicious user to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Too...

Bitdefender Endpoint Security Tools Bitdefender Gravityzone Bitdefender Gravityzone 6.24.1-1

9.1

CVSSv3

Insufficient validation in the Bitdefender Update Server and BEST Relay components of Bitdefender Endpoint Security Tools versions before 6.6.20.294 allows an unprivileged malicious user to bypass the in-place mitigations and interact with hosts on the network. This issue affects...

Bitdefender Update Server

7.8

CVSSv3

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote malicious user to escalate local privileg...

Bitdefender Antivirus Plus Bitdefender Endpoint Security Tools Bitdefender Internet Security Bitdefender Total Security

7.8

CVSSv3

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local malicious user to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limi...

Bitdefender Endpoint Security Tools Bitdefender Total Security

7.8

CVSSv3

Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoint Security Tools for Windows, Total Security allows a local malicious user to elevate privileges to NT AUTHORITY\SYSTEM This issue affects: Bit...

Bitdefender Endpoint Security Tools Bitdefender Total Security

7.8

CVSSv3

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local malicious user to escalate privileges or tamper with the product's security settings. This issue affects: Bitdefende...

Bitdefender Endpoint Security Bitdefender Endpoint Security Tools

7.8

CVSSv3

An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions before 6.6.11.163 allows an malicious user to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions be...

Bitdefender Endpoint Security Tools

7.5

CVSSv3

Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an malicious user to cause a Denial-of-Service. This issue affects: Bitdefender Upda...

Bitdefender Endpoint Security Tools Bitdefender Gravityzone Bitdefender Update Server

7.5

CVSSv3

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Bitdefender GravityZone versions before 3.3.8.272

Bitdefender Gravityzone

7.5

CVSSv3

A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an malicious user to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions before 6.6.27.390; versions...

Bitdefender Endpoint Security Tools Bitdefender Gravityzone 6.24.1-1

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook