Arbitrary File Deletion and Privilege Escalation Vulnerability in Malwarebytes (before 4.5.23)

Arbitrary File Deletion and Privilege Escalation Vulnerability in Malwarebytes (before 4.5.23)

CVE-2023-26088 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the system by exploiting the local quarantine system. It can also lead to privilege escalation in certain scenarios.

Learn more about our Cis Benchmark Audit For Apple Ios.