The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable.
CPE | Name | Operator | Version |
---|---|---|---|
malwarebytes_anti-exploit | le | 1.04.1.1012 | |
malwarebytes_anti-malware | le | 2.02 |