PT-2022-21805 · Bitdefender · Bitdefender Internet Security+5
Published
2022-11-01
·
Updated
2024-09-17
·
CVE-2022-3369
CVSS v3.1
8.6
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Bitdefender Engines versions prior to 7.92659
Bitdefender Antivirus Free versions prior to 7.92659
Bitdefender Antivirus Plus versions prior to 7.92659
Bitdefender Internet Security versions prior to 7.92659
Bitdefender Total Security versions prior to 7.92659
Bitdefender Endpoint Security Tools for Windows versions prior to 7.92659
Description
An Improper Access Control issue in the bdservicehost.exe component allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key.
Recommendations
For Bitdefender Engines versions prior to 7.92659, update to version 7.92659 or later.
For Bitdefender Antivirus Free versions prior to 7.92659, update to version 7.92659 or later.
For Bitdefender Antivirus Plus versions prior to 7.92659, update to version 7.92659 or later.
For Bitdefender Internet Security versions prior to 7.92659, update to version 7.92659 or later.
For Bitdefender Total Security versions prior to 7.92659, update to version 7.92659 or later.
For Bitdefender Endpoint Security Tools for Windows versions prior to 7.92659, update to version 7.92659 or later.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bitdefender Antivirus Free
Bitdefender Antivirus Plus
Bitdefender Endpoint Security Tools For Windows
Bitdefender Engines
Bitdefender Internet Security
Bitdefender Total Security