CVE-2020-8102 Information

Feb 14, 2021 cve

Description

Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

https://www.bitdefender.com/support/security-advisories/insufficient-url-sanitization-validation-safepay-browser-va-8631/ https://www.bitdefender.com/support/security-advisories/insufficient-url-sanitization-validation-safepay-browser-va-8631/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.8

Share on: