Description
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.bitdefender.com/support/security-advisories/insufficient-url-sanitization-validation-safepay-browser-va-8631/
Scores
CVSS v3
8.8
EPSS
0.0107
EPSS Percentile
60.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
bitdefender/total_security_2020
< 24.0.20.116
Published
Jun 22, 2020
Tracked Since
Feb 18, 2026