Privilege escalation in Bitdefender
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-10950 |
| CWE-ID | CWE-264 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Bitdefender Total Security Client/Desktop applications / Antivirus software/Personal firewalls |
| Vendor | Bitdefender |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Privilege escalation
EUVDB-ID: #VU7990
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2017-10950
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on vulnerable installations of Bitdefender Total Security.
The weakness exist due to the lack of validating the existence of an object prior to performing operations on the object. A local attacker can trigger double-free error within processing of the 0x8000E038 IOCTL in the bdfwfpf driver and execute arbitrary code with system privileges.
Successful exploitation of the vulnerability may result in system compromise.
The vulnerability is addressed in the following versions: 2017 Build 21.2.25.30 and 2018 Build 22.0.8.114 or later.
Vulnerable software versionsBitdefender Total Security: 2017 - 2018
CPE2.3- cpe:2.3:a:bitdefender:bitdefender_total_security:2017:*:*:*:*:*:*:*
- cpe:2.3:a:bitdefender:bitdefender_total_security:2018:*:*:*:*:*:*:*
https://www.zerodayinitiative.com/advisories/ZDI-17-693/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
