CVE-2021-3823

Name of the Vulnerable Software and Affected Versions: Bitdefender GravityZone versions prior to 3.3.8.249

Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, in the UpdateServer component. This allows an attacker to execute arbitrary code on vulnerable instances.

Recommendations: For Bitdefender GravityZone versions prior to 3.3.8.249, update to version 3.3.8.249 or later to resolve the issue. As a temporary workaround, consider restricting access to the UpdateServer component to minimize the risk of exploitation.