Bitdefender · Bitdefender Total Security · CVE-2021-3576
**Name of the Vulnerable Software and Affected Versions**
Bitdefender Endpoint Security Tools versions prior to 7.2.1.65
Bitdefender Total Security versions prior to 25.0.26
**Description**
The issue allows a local attacker to elevate privileges to 'NT AUTHORITY\SYSTEM'. Impersonation enables the server thread to perform actions on behalf of the client, but within the limits of the client's security context. The vulnerability is related to access control errors and unnecessary privileges in Bitdefender Endpoint Security Tools and Bitdefender Total Security.
**Recommendations**
For Bitdefender Endpoint Security Tools versions prior to 7.2.1.65, update to version 7.2.1.65 or later.
For Bitdefender Total Security versions prior to 25.0.26, update to version 25.0.26 or later.
As a temporary workaround, consider restricting access to sensitive resources to minimize the risk of exploitation.