Race Condition Vulnerability in Malwarebytes by Malwarebytes
CVE-2023-43687

6.5MEDIUM

Key Information:

Vendor: Malwarebytes
Status: Malwarebytes
Vendor: CVE Published:; 14 August 2025

🔔 Create Malwarebytes Vulnerability Alert

What is CVE-2023-43687?

A race condition vulnerability has been identified in Malwarebytes versions before 4.6.14.326 and 5.1.5.116, as well as in Nebula 2020-10-21 and later. This issue stems from an insufficient locking mechanism between file verification and execution processes, allowing for potential code execution by an unauthorized actor. Users are advised to update their software to the latest versions to mitigate this risk.

References

https://www.malwarebytes.com/secure/cves/cve-2023-43687

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2025
Vulnerability Reserved
Sep 21, 2023

CVE-2023-43687 Data

JSON