CVE-2021-3576

Privilege escalation via SeImpersonatePrivilege

Description

Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.

Remediation

Solution:

An automatic update to Bitdefender Endpoint Security Tools version 7.2.1.65, Bitdefender Total Security version 25.0.26 fixes the issue.

References

Link	Tags
https://www.bitdefender.com/support/security-advisories/privilege-escalation-via-seimpersonateprivilege-in-bitdefender-endpoint-security-tools-va-9848/	vendor advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-1276/	vdb entry third party advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-1376/	vdb entry third party advisory

Frequently Asked Questions

What is the severity of CVE-2021-3576?: CVE-2021-3576 has been scored as a high severity vulnerability.
How to fix CVE-2021-3576?: To fix CVE-2021-3576: An automatic update to Bitdefender Endpoint Security Tools version 7.2.1.65, Bitdefender Total Security version 25.0.26 fixes the issue.
Is CVE-2021-3576 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-3576 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-3576?: CVE-2021-3576 affects Bitdefender Endpoint Security Tools, Bitdefender Total Security.

Description

Remediation

Categories

CWE-250 – Execution with Unnecessary Privileges

CWE-269 – Improper Privilege Management

References

Frequently Asked Questions