First published: Wed Sep 30 2020(Updated: )
An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. This issue affects: Bitdefender Engines versions prior to 7.85448.
Credit: cve-requests@bitdefender.com
Affected Software | Affected Version | How to fix |
---|---|---|
Bitdefender Engines | <7.85448 |
An automatic update to Bitdefender Engines version 7.85448 fixes the issue.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-15731 is an improper Input Validation vulnerability in Bitdefender Engines that allows an attacker to write an arbitrary file.
CVE-2020-15731 affects Bitdefender Engines versions prior to 7.85448.
CVE-2020-15731 is classified as a medium severity vulnerability with a severity value of 3.6.
An attacker can exploit CVE-2020-15731 by using a specially-crafted malicious file name to write an arbitrary file in a hardcoded location.
Yes, the fix for CVE-2020-15731 is to update Bitdefender Engines to version 7.85448 or later.