CVE-2020-15731

LOW

Bitdefender Engines < 7.85448 - Arbitrary File Write via File Renaming and Recovery

Title source: llm
STIX 2.1

Description

An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.

Scores

CVSS v3 3.2
EPSS 0.0053
EPSS Percentile 41.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N

Details

CWE
CWE-20
Status published
Products (1)
bitdefender/engines < 7.85448
Published Sep 30, 2020
Tracked Since Feb 18, 2026