Bitdefender Safepay Vulnerability Discovered

Bitdefender Safepay Vulnerability Discovered

A cybersecurity advisory was issued yesterday, June 24, 2020, regarding a vulnerability in Bitdefender Safepay. The vulnerability could allow an attacker to execute remote code, which could potentially lead to a breach.

What It Is:
A vulnerability has been discovered in Bitdefender Safepay, which could allow for remote code execution. Bitdefender Safepay is a protected web browser designed to secure sensitive online transactions such as online banking and e-shopping.

Successful exploitation of this vulnerability could allow an attacker to execute commands remotely in the context of the user on the system. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. If the current user has been configured to have fewer rights on the system, exploitation of the vulnerability can have less impact than if it was configured with administrative rights.

Read the original Common Vulnerabilities and Exposures Brief.

Threat Intelligence:
A proof of concept of how to exploit this vulnerability currently exists.

Systems Affected:
• Bitdefender Total Security 2020 versions prior to 24.0.20.116

Risk:
Government:
• Large and medium government entities: Medium
• Small government entities: Medium
Businesses:
• Large and medium business entities: Medium
• Small business entities: Medium
Home users: High

What It Means:
If you and/or your business utilize the Bitdefender Total Security 2020 versions mentioned above, you will need to apply the stable channel update provided by Bitdefender to vulnerable systems immediately following proper testing.

Technical Summary:
A vulnerability has been discovered in Bitdefender Safepay, which could result in remote code execution. This vulnerability can be exploited if a user utilizing Bitdefender Safepay visits, or is redirected to, a specially crafted web service. This vulnerability exists due to insufficient URL sanitization and validation in Safepay Browser (CVE-2020-8102).

What To Do:
We recommend the following actions be taken:

• Apply the stable channel update provided by Bitdefender to vulnerable systems immediately after appropriate testing.
• Remind users not to visit untrusted websites or follow links provided by unknown or untrusted sources.
• Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from untrusted sources.
• Apply the Principle of Least Privilege to all systems and services.

Negative Consequences of Lost or Stolen Data:
The loss or theft of proprietary data can have severe impacts, particularly if the compromise becomes public and sensitive information is exposed. Possible impacts include:

• Temporary or permanent loss of sensitive or proprietary information.
• Disruption to regular operations.
• Financial losses incurred to restore systems and files.
• Potential harm to an organization’s reputation.

Should your agency or business need assistance with issues arising from vulnerabilities in Bitdefender Safepay including updates and/or patches, Dox can help. Please contact Dox if there is anything we can do to assist in securing your agency, business, or organization.

Thank you for your time and stay safe online.