CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26088
https://notcve.org/view.php?id=CVE-2023-26088
In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios. • https://support.malwarebytes.com/hc/en-us/articles/14279575968659-Malwarebytes-for-Windows-4-5-23-Release-Notes https://www.malwarebytes.com/secure/cves/cve-2023-26088 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-28641
https://notcve.org/view.php?id=CVE-2020-28641
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system. En Malwarebytes Free versión 4.1.0.56, se puede utilizar un enlace simbólico para eliminar un archivo arbitrario en el sistema explotando el sistema de cuarentena local • https://support.malwarebytes.com/hc/en-us/articles/1500000403501-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-Endpoint-Protection https://support.malwarebytes.com/hc/en-us/articles/360058885974-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-for-Windows https://www.malwarebytes.com • CWE-59: Improper Link Resolution Before File Access ('Link Following') •