6.1
CVE-2021-4198
- EPSS 0.13%
- Veröffentlicht 07.03.2022 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:07
- Quelle cve-requests@bitdefender.com
- Teams Watchlist Login
- Unerledigt Login
A NULL Pointer Dereference vulnerability in the messaging_ipc.dll component as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools, VPN Standalone allows an attacker to arbitrarily crash product processes and generate crashdump files. This issue affects: Bitdefender Total Security versions prior to 26.0.3.29. Bitdefender Internet Security versions prior to 26.0.3.29. Bitdefender Antivirus Plus versions prior to 26.0.3.29. Bitdefender Endpoint Security Tools versions prior to 7.2.2.92. Bitdefender VPN Standalone versions prior to 25.5.0.48.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bitdefender ≫ Antivirus Plus Version < 26.0.3.29
Bitdefender ≫ Endpoint Security Tools Version < 7.2.2.92
Bitdefender ≫ Internet Security Version < 26.0.3.29
Bitdefender ≫ Total Security Version < 26.0.3.29
Bitdefender ≫ Vpn Standalone Version < 25.5.0.48
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.335 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.1 | 1.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
|
| nvd@nist.gov | 3.6 | 3.9 | 4.9 |
AV:L/AC:L/Au:N/C:N/I:P/A:P
|
| cve-requests@bitdefender.com | 6.1 | 1.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.