CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25533
https://notcve.org/view.php?id=CVE-2020-25533
15 Jan 2021 — An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct a situation where the same PID is used for running two different programs at different times, by leveraging a race condition during crafted use of posix_spawn. Se detectó un problema en Malwarebytes versiones ant... • https://wojciechregula.blog/post/learn-xpc-exploitation-part-2-say-no-to-the-pid • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-28641
https://notcve.org/view.php?id=CVE-2020-28641
22 Dec 2020 — In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system. En Malwarebytes Free versión 4.1.0.56, se puede utilizar un enlace simbólico para eliminar un archivo arbitrario en el sistema explotando el sistema de cuarentena local • https://support.malwarebytes.com/hc/en-us/articles/1500000403501-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-Endpoint-Protection • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11507
https://notcve.org/view.php?id=CVE-2020-11507
06 Apr 2020 — An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded. Una vulnerabilidad de Ruta de Búsqueda No Confiable en Malwarebytes AdwCleaner versión 8.0.3, podría causar una ejecución de código arbitraria con privilegios SYSTEM cuando una biblioteca DLL maliciosa se cargada. • https://forums.malwarebytes.com/topic/258140-release-adwcleaner-804 • CWE-426: Untrusted Search Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19929
https://notcve.org/view.php?id=CVE-2019-19929
23 Dec 2019 — An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner before 8.0.1 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded by the product. Una vulnerabilidad de Ruta de Búsqueda No Confiable en Malwarebytes AdwCleaner versiones anteriores a 8.0.1, podría causar una ejecución de código arbitrario con privilegios SYSTEM cuando el producto carga una biblioteca DLL maliciosa. • https://borncity.com/win/2019/12/19/adwcleaner-8-0-1-closes-a-dll-hijacking-vulnerability • CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 4%CPEs: 1EXPL: 0CVE-2019-6739 – Malwarebytes Anti-Malware URI Handler Remote Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-6739
20 Feb 2019 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Malwarebytes Antimalware 3.6.1.2711. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. There is an issue with the way the product handles URIs within certain schemes. The product does not warn the user that a dangerous navigation is about to take place. Because special characters in the URI are not sanitized, this could lead to the execution of arbi... • https://www.zerodayinitiative.com/advisories/ZDI-19-223 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2016-10717
https://notcve.org/view.php?id=CVE-2016-10717
21 Mar 2018 — A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites. Files blacklisted by Malwarebytes Malware Protect can be executed, and domains blacklisted by Malwarebytes Web Protect can be reached through HTTP. Una vulnerabilidad... • http://www.securitytube.net/video/16690 • CWE-254: 7PK - Security Features •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5271
https://notcve.org/view.php?id=CVE-2018-5271
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e008. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • http://www.securityfocus.com/bid/102471 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5273
https://notcve.org/view.php?id=CVE-2018-5273
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e014 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5272
https://notcve.org/view.php?id=CVE-2018-5272
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e004. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e004 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-5276
https://notcve.org/view.php?id=CVE-2018-5276
08 Jan 2018 — In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit). ** EN DISPUTA ** En Malwarebytes Premium 3.3.1.2183, el archivo del controlador (FARFLT.SYS) permite que usuarios locales provoquen una denegación de... • https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Malwarebytes_POC/tree/master/0x9c40e018 • CWE-20: Improper Input Validation •