PT-2020-19946 · Bitdefender · Bitdefender Total Security 2020

Wladimir Palant · Published 2020-06-22 · Updated 2020-06-26 · CVE-2020-8102

CVSS v3.1

8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Bitdefender Total Security 2020 versions prior to 24.0.20.116

Description

The issue is an Improper Input Validation vulnerability in the Safepay browser component that allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. It can be exploited to achieve remote code execution (RCE) from any website. This is not the first security flaw found in antivirus software; similar issues have been found in other antivirus products in the past.

Recommendations

For Bitdefender Total Security 2020 versions prior to 24.0.20.116, update to version 24.0.20.116 or later to resolve the issue. As a temporary workaround, consider restricting access to the Safepay browser component until the update is applied.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2020-8102

Affected Products

Bitdefender Total Security 2020