CVE-2023-29144 – Malwarebytes Agent – Detectie omzeilen
SAMENVATTING:
Malwarebytes Endpoint Agent for Linux before 1.1.64 and Malwarebytes for Windows v5 with an update package version < 1.0.104841, doesn’t properly compute signatures in some scenarios. This allows a bypass of detection.
GETROFFEN VERSIES
- Endpoint Agent for Linux < 1.1.64
- Malwarebytes for Windows v5 having an update package version <1.0.104841
GEPATCHTE VERSIES
- Endpoint Agent voor Linux >= 1.1.64
- Malwarebytes Windows >= 5.3.0.186 | Updatepakketversie >= 1.0.104841
MITIGATIEADVIES
We raden aan om de getroffen endpoints te upgraden naar de gepatchte versies.
DETAILS
| CWE | CVS 3.x | Vector |
| CWE-190: Integer-overloop | 7,5 Hoog | Lokaal |