CVE-2023-27469
CVSS 3.1 Score 7.1 of 10 (high)
Details
Summary
CVE-2023-27469 is a newly disclosed vulnerability affecting Malwarebytes Anti-Exploit version 4.4.0.220. Hackers can exploit this issue by sending an ALPC message with a malformed FullFileNamePath, leading to arbitrary file deletion and potential denial of service. The absence of a '\\0' character in the FullFileNamePath allows the attacker to bypass security checks, enabling them to delete critical system files or cause service interruptions. This vulnerability poses a serious risk to users running the affected version of Malwarebytes Anti-Exploit and requires immediate attention from system administrators to apply the necessary patch.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions