Malwarebytes: >> Adwcleaner >> 8.0.3 Security Vulnerabilities
Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link.
CVSS Score
7.8
EPSS Score
0.005
Published
2023-03-29
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-04-06