PT-2023-22170 · Malwarebytes · Malwarebytes Edr
Published
2023-06-30
·
Updated
2024-11-26
·
CVE-2023-29147
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Malwarebytes EDR version 1.0.11
Description
The issue allows bypassing detection layers that rely on inode identifiers. This is possible because an identifier may be reused when a file is replaced, and two files on different filesystems can have the same identifier.
Recommendations
For Malwarebytes EDR version 1.0.11, consider implementing additional detection mechanisms that do not solely rely on inode identifiers to enhance security until a patch is available.
Fix
Authentication Bypass by Spoofing
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Malwarebytes Edr