Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper handling of registry symbolic links in Bitdefender Engines
Vulnerability Description
An Improper Access Control vulnerability in the bdservicehost.exe component, as used in Bitdefender Engines for Windows, allows an attacker to delete privileged registry keys by pointing a Registry symlink to a privileged key. This issue affects: Bitdefender Engines versions prior to 7.92659. It also affects Bitdefender Antivirus Free, Bitdefender Antivirus Plus, Bitdefender Internet Security, Bitdefender Total Security, as well as Bitdefender Endpoint Security Tools for Windows with engine versions prior to 7.92659.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
多款Bitdefender产品访问控制错误漏洞
Vulnerability Description
Bitdefender Engines等都是罗马尼亚比特梵德(Bitdefender)公司的产品。Bitdefender Engines是一款杀毒软件引擎。Bitdefender Endpoint Security Tool是一款终端安全管理工具。Bitdefender Antivirus Plus是一套主要提供网络威胁检测和勒索软件防护功能的杀毒软件。 Bitdefender 多款产品存在访问控制错误漏洞,该漏洞源于允许攻击者通过将注册表符号链接指向特权键来删除特权注册表键。
CVSS Information
N/A
Vulnerability Type
N/A