Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Advanced Systemcare Security Vulnerabilities

cve
cve

CVE-2018-16711

IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer...

8.8CVSS

8.8AI Score

0.001EPSS

2018-09-26 10:29 PM
22
cve
cve

CVE-2018-16712

IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.

6.5CVSS

6.2AI Score

0.001EPSS

2018-09-26 10:29 PM
21
cve
cve

CVE-2018-16713

IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer...

6.5CVSS

6.7AI Score

0.001EPSS

2018-09-26 10:29 PM
22
cve
cve

CVE-2020-10234

The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function:...

6.5CVSS

6.3AI Score

0.001EPSS

2021-02-05 07:15 PM
17
2
cve
cve

CVE-2020-14990

IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.

7.1CVSS

7AI Score

0.0004EPSS

2020-06-22 09:15 PM
22
cve
cve

CVE-2020-23738

There is a local denial of service vulnerability in Advanced SystemCare 13 PRO 13.5.0.174. Attackers can use a constructed program to cause a computer crash (BSOD)

5.5CVSS

5.3AI Score

0.0004EPSS

2020-12-03 07:15 PM
25
cve
cve

CVE-2021-44968

A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c, 0x8001e020, 0x8001e024,...

7.8CVSS

8AI Score

0.0005EPSS

2022-02-18 06:15 PM
37
cve
cve

CVE-2022-24138

IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...

7.8CVSS

7.7AI Score

0.001EPSS

2022-07-06 01:15 PM
36
4