CVE-2021-3423

Name of the Vulnerable Software and Affected Versions: Bitdefender GravityZone Business Security versions prior to 6.6.23.329

Description: The issue is related to an Uncontrolled Search Path Element vulnerability in the openssl component used in Bitdefender GravityZone Business Security. This vulnerability allows an attacker to load a third-party DLL, potentially elevating privileges.

Recommendations: For versions prior to 6.6.23.329, update to version 6.6.23.329 or later to resolve the issue. As a temporary workaround, consider restricting access to the openssl component to minimize the risk of exploitation.