Lucene search

[email protected]NVD:CVE-2023-29145

HistoryJun 30, 2023 - 8:15 p.m.

CVE-2023-29145

2023-06-3020:15:09

[email protected]

web.nvd.nist.gov

cve-2023-29145

arbitrary code execution

whitelisting bypass

linux

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

The Malwarebytes EDR 1.0.11 for Linux driver doesn’t properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY_PATH, set LD_PRELOAD, or run an executable file in a debugger.

Affected configurations

Nvd

Node

malwarebytesendpoint_detection_and_responseRange≤1.0.11linux

malwarebytesmalwarebytesRange≤1.0.14linux

VendorProductVersionCPE
malwarebytesendpoint_detection_and_response*cpe:2.3:a:malwarebytes:endpoint_detection_and_response:*:*:*:*:*:linux:*:*
malwarebytesmalwarebytes*cpe:2.3:a:malwarebytes:malwarebytes:*:*:*:*:*:linux:*:*

Vendor	Product	Version	CPE
malwarebytes	endpoint_detection_and_response	*	cpe:2.3:a:malwarebytes:endpoint_detection_and_response::::::linux::*
malwarebytes	malwarebytes	*	cpe:2.3:a:malwarebytes:malwarebytes::::::linux::*

References

malwarebytes.com

www.malwarebytes.com/secure/cves/cve-2023-29145

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-29145

prion1 cvelist1 cve1