Vulnerability Details CVE-2020-28641
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.5%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 6.6
References
- https://support.malwarebytes.com/hc/en-us/articles/1500000403501-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-Endpoint-Protection
- https://support.malwarebytes.com/hc/en-us/articles/360058885974-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-for-Windows
- https://www.malwarebytes.com
- https://support.malwarebytes.com/hc/en-us/articles/1500000403501-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-Endpoint-Protection
- https://support.malwarebytes.com/hc/en-us/articles/360058885974-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-for-Windows
- https://www.malwarebytes.com
Products affected by CVE-2020-28641
-
cpe:2.3:a:malwarebytes:endpoint_protection:*
-
cpe:2.3:a:malwarebytes:malwarebytes:4.1.0.56