The host is installed with Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle issues in the upgrade functionalities. Successful exploitation could allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable.