CVE-2016-10717

Name: CVE-2016-10717
Creator: NVD / NIST
Published: 2018-03-21T21:29:00.28+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.06%

Last modified Jun 17, 2026

CVE-2016-10717 is a vulnerability of currently unknown severity. A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites. Files blacklisted by Malwarebytes Malware Protect can be executed, and domains blacklisted by Malwarebytes Web Protect can be reached through HTTP.. EPSS estimates a 1.06% chance of exploitation in the next 30 days.

Description

A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites. Files blacklisted by Malwarebytes Malware Protect can be executed, and domains blacklisted by Malwarebytes Web Protect can be reached through HTTP.

Metrics

EPSS Probability

1.06%

60.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-254

Affected Software

Vendor	Product	Versions
Malwarebytes	Malwarebytes Anti-Malware	2.2.1

References

http://www.securitytube.net/video/16690Third Party Advisory
https://forums.malwarebytes.com/topic/158251-malwarebytes-hall-of-fame/Vendor Advisory
https://github.com/mspaling/mbam-exclusions-poc-Exploit, Third Party Advisory
https://github.com/mspaling/mbam-exclusions-poc-/blob/master/mbam-whitelist-poc.txtExploit, Third Party Advisory
https://www.youtube.com/watch?v=LF5ic5nOoUYThird Party Advisory
http://www.securitytube.net/video/16690Third Party Advisory
https://forums.malwarebytes.com/topic/158251-malwarebytes-hall-of-fame/Vendor Advisory
https://github.com/mspaling/mbam-exclusions-poc-Exploit, Third Party Advisory
https://github.com/mspaling/mbam-exclusions-poc-/blob/master/mbam-whitelist-poc.txtExploit, Third Party Advisory
https://www.youtube.com/watch?v=LF5ic5nOoUYThird Party Advisory

Timeline

Published: Mar 21, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-10717?

How severe is CVE-2016-10717?

Severity scoring for CVE-2016-10717 is pending analysis. The EPSS model estimates a 1.06% probability of exploitation in the next 30 days.

How do I fix CVE-2016-10717?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-10717?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST