CVE-2023-29147

Published: Jun 30, 2023Modified: Nov 26, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files on different filesystems can have the same identifier.

Affected (2)

Products: Malwarebytes: Endpoint Detection And Response, Malwarebytes

2 products

Endpoint Detection And Response

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Malwarebytes Endpoint Detection And Response	Up to 1.0.11
Malwarebytes Malwarebytes	Up to 1.0.14

Related CWEs

Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

References (4)

https://malwarebytes.com

Source: cve@mitre.org

Product

https://www.malwarebytes.com/secure/cves/cve-2023-29147

Source: cve@mitre.org

Vendor Advisory

https://malwarebytes.com

Source: af854a3a-2127-422b-91ae-364da2661108

Product

https://www.malwarebytes.com/secure/cves/cve-2023-29147

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.