Endpoint Security Tools
Approved changes feed: RSS · Atom
cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Bitdefender (d5582d91-5be9-5b61-8324-642705c220ed) |
|---|---|
| Product | Endpoint Security Tools (23d5ca18-f89e-5ca8-b60d-c6f7c6caf565) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-4198 |
vulnerable | 2026-06-03 14:45:47.977578 |
messaging_ipc.dll NULL Pointer Dereference in multiple Bitdefender products (VA-10016)
MEDIUM (6.1)
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.
Published: 2022-03-07T11:30:14.308Z
Updated: 2024-09-17T02:06:29.957Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3576 |
vulnerable | 2026-06-03 14:45:11.843440 |
Privilege escalation via SeImpersonatePrivilege
HIGH (7.8)
Execution with Unnecessary Privileges vulnerability in Bitdefender Endpoint Security Tools, Total Security allows a local attacker to elevate to 'NT AUTHORITY\System. Impersonation enables the server thread to perform actions on behalf of the client but within the limits of the client's security context. This issue affects: Bitdefender Endpoint Security Tools versions prior to 7.2.1.65. Bitdefender Total Security versions prior to 25.0.26.
Published: 2021-10-28T13:50:23.098Z
Updated: 2024-09-17T03:14:27.882Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3554 |
vulnerable | 2026-06-03 14:45:11.791136 |
Improper Access Control vulnerability in the patchesUpdate API
CRITICAL (9)
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
Published: 2021-11-24T14:45:12.904Z
Updated: 2024-09-16T20:03:20.270Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3553 |
vulnerable | 2026-06-03 14:45:11.787526 |
Server-Side Request Forgery in EPPUpdateService remote config file (VA-9825)
MEDIUM (5.3)
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an attacker to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint for Linux versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
Published: 2021-11-24T14:45:20.276Z
Updated: 2024-09-17T01:25:41.833Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3552 |
vulnerable | 2026-06-03 14:45:11.785056 |
Insufficient validation on regular expression in EPPUpdateService config file (VA-9825)
MEDIUM (5.3)
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService component of Bitdefender Endpoint Security Tools allows an attacker to proxy requests to the relay server. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender GravityZone 6.24.1-1.
Published: 2021-11-24T14:40:13.004Z
Updated: 2024-09-16T17:33:06.659Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-17099 |
vulnerable | 2026-06-03 14:39:55.835261 |
Untrusted Search Path vulnerability in EPSecurityService.exe (VA-3500)
MEDIUM (5.3)
An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions prior to 6.6.11.163.
Published: 2020-01-27T17:23:06.763Z
Updated: 2024-09-16T17:02:47.446Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.