Vulnerability Details : CVE-2014-4936
Public exploit exists!
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable.
Vulnerability category: Execute code
Products affected by CVE-2014-4936
- Malwarebytes » Malwarebytes Anti-exploit » Consumer EditionVersions up to, including, (<=) 1.04.1.1012cpe:2.3:a:malwarebytes:malwarebytes_anti-exploit:*:*:*:*:consumer:*:*:*
- cpe:2.3:a:malwarebytes:malwarebytes_anti-malware:*:*:*:*:consumer:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4936
3.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 91 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-4936
-
Malwarebytes Anti-Malware and Anti-Exploit Update Remote Code Execution
Disclosure Date: 2014-12-16First seen: 2020-04-26exploit/windows/browser/malwarebytes_update_execThis module exploits a vulnerability in the update functionality of Malwarebytes Anti-Malware consumer before 2.0.3 and Malwarebytes Anti-Exploit consumer 1.03.1.1220. Due to the lack of proper update package validation, a man-in-the-middle (MITM) attacker co
CVSS scores for CVE-2014-4936
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2014-4936
-
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-4936
-
http://packetstormsecurity.com/files/130244/Malwarebytes-Anti-Malware-Anti-Exploit-Update-Remote-Code-Execution.html
Malwarebytes Anti-Malware / Anti-Exploit Update Remote Code Execution ≈ Packet Storm
-
http://blog.0x3a.com/post/104954032239/cve-2014-4936-malwarebytes-anti-malware-and
0x3a - Security Specialist and programmer by trade - CVE-2014-4936: Malwarebytes Anti-Malware and Anti-Exploit upgrade hijackingExploit
Jump to