CVE-2023-28892 - Malwarebytes AdwCleaner - Privilege Escalation

 

SUMMARY:

AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link.

AFFECTED VERSIONS

  • Malwarebytes AdwCleaner <= 8.4.0

PATCHED VERSIONS

  • No fixed version available.

MITIGATION ADVICE

We recommend upgrading the affected endpoints to the patched versions when made available.

DETAILS

CWE CVS 3.x Vector
CWE-269: Improper Privilege Management 8.6 High Local

Select your language

New Buy Online Partner Icon Warning Icon Edge icon