Insufficient URL sanitization and validation in Safepay Browser (VA-8631)
CVE-2020-8102

8.8HIGH

Key Information:

Vendor: Bitdefender
Status: Bitdefender Total Security 2020
Vendor: CVE Published:; 22 June 2020

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2020-8102?

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.

Affected Version(s)

Bitdefender Total Security 2020 < 24.0.20.116

References

https://www.bitdefender.com/support/security-advisories/i...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 22, 2020
Vulnerability Reserved
Jan 28, 2020

Credit

Wladimir Palant