CVE-2023-29147

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 30, 2023

Updated: Jul 10, 2023

Summary

CVE-2023-29147 is a vulnerability affecting Malwarebytes EDR 1.0.11 for Linux. This issue allows an attacker to bypass certain detection layers relying on inode identifiers. Since identifiers can be reused when a file is replaced, an adversary can exploit this quirk to evade detection. Moreover, the vulnerability extends to files on different filesystems having the same identifier, further increasing the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Malwarebytes

Affected Vendors

Malwarebytes

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r1Y5w6
https://www.cve.org/CVERecord?id=CVE-2023-29147
https://nvd.nist.gov/vuln/detail/CVE-2023-29147

Back to Vulnerability Database