CVE-2021-3579: 
Bitdefender Endpoint Security Tools vulnerability analysis and mitigation

A local privilege escalation vulnerability (CVE-2021-3579) was discovered in Bitdefender's security products, specifically affecting the bdservicehost.exe and Vulnerability.Scan.exe components. The vulnerability was disclosed on October 28th, 2021, impacting Bitdefender Endpoint Security Tools for Windows and Bitdefender Total Security versions prior to 7.2.1.65 (Bitdefender Advisory).

The vulnerability stems from incorrect default permissions in the bdservicehost.exe and Vulnerability.Scan.exe components. The specific flaw exists within the endpoint client, where the issue results from allowing an untrusted process to impersonate the client of a pipe. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High), with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access, low attack complexity, low privileges required, and no user interaction needed (ZDI Advisory).

If successfully exploited, this vulnerability allows an attacker to escalate privileges to NT AUTHORITY\SYSTEM level on the affected system. This means an attacker could gain the highest level of system privileges, potentially leading to complete system compromise (Bitdefender Advisory).

Bitdefender addressed this vulnerability through an automatic update. Users should ensure they are running Bitdefender Endpoint Security Tools version 7.2.1.65 or later, or Bitdefender Total Security version 25.0.26 or later. Prior to the patch, the only salient mitigation strategy was to restrict interaction with the application (Bitdefender Advisory, ZDI Advisory).