Privilege Escalation Vulnerability in Malwarebytes AdwCleaner
CVE-2025-67905

8.7HIGH

Key Information:

Vendor: Malwarebytes
Status: AdwCleaner
Vendor: CVE Published:; 17 February 2026

🔔 Create Malwarebytes Vulnerability Alert

What is CVE-2025-67905?

Malwarebytes AdwCleaner, prior to version 8.7.0, operates with elevated privileges and performs an unsafe log file deletion process. This design flaw allows a non-administrator user to escalate their privileges to SYSTEM by manipulating symbolic links. Specifically, an attacker can create a file in a targeted folder, which enables them to intervene in the application’s log file deletion sequence, potentially compromising security and gaining unauthorized access to sensitive system resources.

References

https://Malwarebytes.com

https://www.malwarebytes.com/secure/cves/cve-2025-67905

CVSS V3.1

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Dec 15, 2025

CVE-2025-67905 Data

JSON