CVE-2022-25150 — HIGH (7.8)

Q: What is CVE-2022-25150?

CVE-2022-25150 is a vulnerability with a CVSS score of 7.8 (HIGH). In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.

Q: How severe is CVE-2022-25150?

CVE-2022-25150 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-25150?

Check the references section above for vendor advisories and patch information. Affected products include: Malwarebytes Binisoft Windows Firewall Control.

Vulnerability Description

In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Malwarebytes	Binisoft Windows Firewall Control	< 6.8.1.0

Related Weaknesses (CWE)

CWE-269

References

https://binisoft.org/changelog.txtRelease NotesVendor Advisory
https://hackerone.com/bugs?report_id=1205932Third Party Advisory
https://binisoft.org/changelog.txtRelease NotesVendor Advisory
https://hackerone.com/bugs?report_id=1205932Third Party Advisory

FAQ

What is CVE-2022-25150?

CVE-2022-25150 is a vulnerability with a CVSS score of 7.8 (HIGH). In Malwarebytes Binisoft Windows Firewall Control before 6.8.1.0, programs executed from the Tools tab can be used to escalate privileges.

How severe is CVE-2022-25150?

CVE-2022-25150 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-25150?

Check the references section above for vendor advisories and patch information. Affected products include: Malwarebytes Binisoft Windows Firewall Control.