CVE-2025-67905 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Malwarebytes AdwCleaner before v.8.7.0 runs as Administrator and performs an insecure log file delete operation in which the target location is user-controllabl…
High CVSS: 8.7

CVE-2025-67905

Malwarebytes AdwCleaner before v.8.7.0 runs as Administrator and performs an insecure log file delete operation in which the target location is user-controllable, allowing a non-admin user to escalate privileges to SYSTEM via a symbolic link, a related issue to CVE-2023-28892. To exploit this, an attacker must create a file in a given folder path and intercept the application log file deletion flow.
Vendor
-
Product
-
CWE
CWE-269
Yayın Tarihi
2026-02-17 17:21:04
Güncelleme
2026-02-18 17:52:22
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-269 HIGH 2026

Referanslar

https://Malwarebytes.com https://www.malwarebytes.com/secure/cves/cve-2025-67905