CVE-2024-44744

MEDIUM

Malwarebytes Premium Security <5.0.0.883 - RCE

Title source: llm

Description

An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users.

References (2)

Core 2

Core References

Various Sources

https://googleprojectzero.blogspot.com/2016/02/the-definitive-guide-on-win32-to-nt.html

Various Sources

https://medium.com/%40danielshaulov01/malwarebytes-premium-security-av-bypass-cve-2024-44744-97bb6192ed4a

Scores

CVSS v3 5.7

EPSS 0.0035

EPSS Percentile 26.5%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-94

Status published

Published Oct 01, 2024

Tracked Since Feb 18, 2026