Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-4199
PUBLISHED
More InfoOfficial Page
Assigner-Bitdefender
Assigner Org ID-b3d5ebe7-963e-41fb-98e1-2edaeabb8f82
View Known Exploited Vulnerability (KEV) details
Published At-07 Mar, 2022 | 11:35
Updated At-16 Sep, 2024 | 18:03
Rejected At-
▼CVE Numbering Authority (CNA)
Incorrect Permission Assignment for Critical Resource vulnerability in BDReinit.exe (VA-10017)

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.

Affected Products
Vendor
BitdefenderBitdefender
Product
Total Security
Versions
Affected
  • From unspecified before 26.0.10.45 (custom)
Vendor
BitdefenderBitdefender
Product
Internet Security
Versions
Affected
  • From unspecified before 26.0.10.45 (custom)
Vendor
BitdefenderBitdefender
Product
Antivirus Plus
Versions
Affected
  • From unspecified before 26.0.10.45 (custom)
Vendor
BitdefenderBitdefender
Product
Endpoint Security Tools for Windows
Versions
Affected
  • From unspecified before 7.4.3.140 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-732CWE-732 Incorrect Permission Assignment for Critical Resource
Type: CWE
CWE ID: CWE-732
Description: CWE-732 Incorrect Permission Assignment for Critical Resource
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

An automatic update to the following product versions fixes the issue: - Bitdefender Total Security version 26.0.10.45. - Bitdefender Internet Security version 26.0.10.45. - Bitdefender Antivirus Plus version 26.0.10.45. - Bitdefender Endpoint Security Tools for Windows version 7.4.3.146.

Configurations
Workarounds
Exploits
Credits
Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.bitdefender.com/support/security-advisories/incorrect-permission-assignment-for-critical-resource-vulnerability-in-bdreinit-exe-va-10017/
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-22-484/
x_refsource_MISC
Hyperlink: https://www.bitdefender.com/support/security-advisories/incorrect-permission-assignment-for-critical-resource-vulnerability-in-bdreinit-exe-va-10017/
Resource:
x_refsource_MISC
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-484/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.bitdefender.com/support/security-advisories/incorrect-permission-assignment-for-critical-resource-vulnerability-in-bdreinit-exe-va-10017/
x_refsource_MISC
x_transferred
https://www.zerodayinitiative.com/advisories/ZDI-22-484/
x_refsource_MISC
x_transferred
Hyperlink: https://www.bitdefender.com/support/security-advisories/incorrect-permission-assignment-for-critical-resource-vulnerability-in-bdreinit-exe-va-10017/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-484/
Resource:
x_refsource_MISC
x_transferred
Details not found