CVE-2021-3485
6.4 MEDIUMAn Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in...
Published: 2021-05-24 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 6.4 MEDIUM
- Vector
- CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-494
Affected products
| Vendor | Product |
|---|---|
| bitdefender | endpoint_security_tools |
Description
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3485
- [Exploit reference]https://herolab.usd.de/security-advisories/usd-2021-0014/
- [Vendor advisory]https://www.bitdefender.com/support/security-advisories/improper-input-validation-in-bitdefender-endpoint-security-tools-for-linux-va-9769
- [Exploit reference]https://herolab.usd.de/security-advisories/usd-2021-0014/
- [Vendor advisory]https://www.bitdefender.com/support/security-advisories/improper-input-validation-in-bitdefender-endpoint-security-tools-for-linux-va-9769
Related CVEs
Same vendor
- CVE-2026-10047 — The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in ... (7.8 HIGH)
- CVE-2026-10046 — Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, im... (7.8 HIGH)
- CVE-2025-7073 — A local privilege escalation vulnerability in Bitdefender Total Security versions prior to 27.0.47.241 allows low-privileged attackers to... (7.8 HIGH)
- CVE-2021-3823 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender... (7.1 HIGH)
- CVE-2021-3579 — Incorrect Default Permissions vulnerability in the bdservicehost.exe and Vulnerability.Scan.exe components as used in Bitdefender Endpoin... (7.8 HIGH)
Same CWE
- CVE-2026-9037 — A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through...
- CVE-2026-45058 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client
- CVE-2026-9089 — The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update opera... (8.8 HIGH)
- CVE-2026-42249 — Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled... (9.8 CRITICAL)
- CVE-2026-42248 — Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables (9.8 CRITICAL)