PT-2023-25644 · Malwarebytes · Malwarebytes Binisoft Windows Firewall Control

Published: 2023-06-26 · Updated: 2024-09-11 · CVE-2023-36631

CVSS v3.1: 7.8

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

Malwarebytes Binisoft Windows Firewall Control version 6.9.2.0

Description:

The issue concerns a lack of access control in the wfc.exe component of Malwarebytes Binisoft Windows Firewall Control, allowing local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. The vendor considers this behavior intended, as the application can be locked using a password.

Recommendations:

For Malwarebytes Binisoft Windows Firewall Control version 6.9.2.0, consider locking the application with a password to restrict unauthorized access, in line with the vendor's position on the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related Identifiers

CVE-2023-36631

Affected Products

Malwarebytes Binisoft Windows Firewall Control