Vulnerability CVE-2020-10234


Published: 2021-02-05

Description:
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \DosDevices\AscRegistryFilter and \Device\AscRegistryFilter are affected.

Type:

NVD-CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Iobit -> Advanced systemcare 

 References:
https://github.com/FULLSHADE/Kernel-exploits
https://github.com/FULLSHADE/Kernel-exploits/tree/master/AscRegistryFilter.sys
https://www.iobit.com/en/advancedsystemcarefree.php

Copyright 2021, cxsecurity.com

 

Back to Top