CVE-2024-6260
CVSS 3.0 Score 7.0 of 10 (high)
Details
Published Nov 22, 2024
CWE ID 59
Summary
CVE-2024-6260 is a privilege escalation vulnerability affecting Malwarebytes Antimalware. Local attackers can exploit this flaw by manipulating symbolic links in the Malwarebytes service, enabling them to delete a critical file. With successful exploitation, an attacker can escalate privileges and run arbitrary code with SYSTEM level access. The prerequisite for an attack is the ability to execute low-privileged code on the target system. This vulnerability, identified as ZDI-CAN-22321, underscores the importance of maintaining secure software configurations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share