RSS   Vulnerabilities for 'Advanced systemcare'   RSS

2022-07-06
 
CVE-2022-24138

CWE-552
 

 
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).

 
2021-02-05
 
CVE-2020-10234

NVD-CWE-noinfo
 

 
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \DosDevices\AscRegistryFilter and \Device\AscRegistryFilter are affected.

 
2020-06-22
 
CVE-2020-14990

CWE-269
 

 
IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.

 
2018-09-26
 
CVE-2018-16713

CWE-119
 

 
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction.

 
 
CVE-2018-16712

CWE-200
 

 
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.

 
 
CVE-2018-16711

CWE-119
 

 
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input.

 

 >>> Vendor: Iobit 12 Products
Amc security- antivirus, clean
Amc security antivirus clean
Advanced systemcare ultimate
Malware fighter
Advanced systemcare
Smart defrag
Iobit unlocker
Itop vpn
Itop screenshot
Driver booster
Itop screen recorder
Advanced system care


Copyright 2024, cxsecurity.com

 

Back to Top