Lucene search

MitreCVE-2020-23864

HistoryOct 27, 2020 - 2:15 p.m.

CVE-2020-23864

2020-10-2714:15:13

mitre

web.nvd.nist.gov

iobit malware fighter

8.0.2.547

cve-2020-23864

local escalation of privileges

windowsapps folder

nvd

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

32.2%

JSON

An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder.

Affected configurations

Nvd

Node

iobitmalware_fighterMatch8.0.2.547-

VendorProductVersionCPE
iobitmalware_fighter8.0.2.547cpe:2.3:a:iobit:malware_fighter:8.0.2.547:*:*:*:-:*:*:*

Vendor	Product	Version	CPE
iobit	malware_fighter	8.0.2.547	cpe:2.3:a:iobit:malware_fighter:8.0.2.547::::-:::

References

daniels-it-blog.blogspot.com/2020/07/iobit-malware-fighter-arbitrary-code.html

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

32.2%

JSON

Related for CVE-2020-23864