Malwarebytes Binisoft Windows Firewall Control, a crucial component in ensuring system security, harbors a severe vulnerability marked as CVE-2024-25089. This vulnerability, classified with a CVSS score of 9.8 (CRITICAL), signifies the potential for remote attackers to execute arbitrary code using gRPC named pipes.
The NIST-assigned vector (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) outlines the specifics of this exploit, emphasizing the critical nature of the security loophole. The National Vulnerability Database (NVD) analysts have derived this score based on publicly available information, as the CVE List’s assigned Common Vulnerability Scoring System (CVSS) score is yet to be provided by the Common Vulnerabilities and Exposures (CNA).
The details of this vulnerability and its potential impact can be explored through the HackerOne report and release notes. It is imperative for users to take immediate action, including updating to the latest version, to mitigate the risk of exploitation.
Reference:
