How severe is CVE-2021-4199?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2021-4199?

This is classified as CWE-732, which is a common weakness in software security.

CVE-2021-4199

HIGH Year: 2021

CVSS v3 Score

7.8

High

CVSS v2 Score

7.2

High

Weakness Type

CWE-732

View all →

Vulnerability Description

Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issue affects: Bitdefender Total Security versions prior to 26.0.10.45. Bitdefender Internet Security versions prior to 26.0.10.45. Bitdefender Antivirus Plus versions prior to 26.0.10.45. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.3.146.

CVE-2007-5544

HIGH

CVSS:7.8(High)

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC,...

CWE-7322007

CVE-2008-0322

HIGH

CVSS:7.8(High)

The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone/Write permissions for the "\\.\I2OExc" device interface, which allows local users to gain privileges. N...

CWE-7322008

CVE-2008-0662

HIGH

CVSS:7.8(High)

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows caches credentials under the Checkpoint\SecuRemote registry key, which has Everyone/Full Control p...

CWE-7322008

CVE-2009-0115

HIGH

CVSS:7.8(High)

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating system...

CWE-7322009

CVE-2009-3289

HIGH

CVSS:7.8(High)

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demons...

CWE-7322009

CVE-2009-3482

HIGH

CVSS:7.8(High)

TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions (Everyone: Full Control) for files under %PROGRAMFILES%, which allows local users to gain privileges by rep...

CWE-7322009

CVE-2021-4199

Vulnerability Description

Related Vulnerabilities

CVE-2007-5544

CVE-2008-0322

CVE-2008-0662

CVE-2009-0115

CVE-2009-3289

CVE-2009-3482