507 matches found
IObit Malware Fighter 安全漏洞
IOBit Malware Fighter is a suite of antivirus software for Windows-based platforms from IOBit. The program has anti-malware and virus protection features. A security vulnerability exists in IObit Malware Fighter v9.2, which is caused by allowing an authenticated attacker with administrator...
IObit Malware Fighter 9.2 Tampering / Privilege Escalation Vulnerability
IObit Malware Fighter version 9.2 fails to provide sufficient anti-tampering protection and that shortcoming can be leveraged to escalate to SYSTEM privileges. + Credits: Yehia Elghaly aka Mrvar0x + Website: https://mrvar0x.com/ + Source:...
IObit Malware Fighter 9.2 Tampering / Privilege Escalation
Credits: Yehia Elghaly aka Mrvar0x + Website: https://mrvar0x.com/ + Source: "https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/" Vendor: ============= www.iobit.com Product: =========== IObit Malware Fighter 9.2 IObit Malware Fighter is an advanced malware & spyware...
IOBit IOTransfer Arbitrary File Write (CVE-2022-24562)
An arbitrary file write vulnerability exists in IOBit IOTransfer. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access arbitrary file...
CVE-2022-24139
In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...
CVE-2022-24139
In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...
CVE-2022-24140
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...
CVE-2022-24138
IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...
CVE-2022-24138
IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...
Remote code execution
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...
Code injection
IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...
CVE-2022-24140
The CVE-2022-24140 entry affects IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot. The issue arises in the update mechanism: products fetch a config file via HTTP, parse the update location from that file, and automatically install updat...
CVE-2022-24140
IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...
CVE-2022-24139
The CVE concerns IOBit Advanced System Care, ASCService.exe (version 15). An attacker with SEImpersonatePrivilege can create a named pipe that reuses one of ASCService’s expected named pipe names. ASCService first attempts to connect to the named pipe before creating its pipes, so during login th...
CVE-2022-24139
In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...
CVE-2022-24138
IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...
CVE-2022-24138
CVE-2022-24138 affects IOBit Advanced System Care (Asc.exe) 15 and Action Download Center. The root cause is that components are downloaded into the ProgramData folder, which has broad (rwx) permissions for unprivileged users, allowing a low-privilege user to exploit SetOpLock to wait for CreateP...
IOBit Advanced System Care Free 安全漏洞
IOBit Advanced System Care Free is a system management utility from IOBit UK. The program is mainly used for scanning, repairing and optimizing your system, among other things. A security vulnerability exists in IOBit Advanced System Care Free 15. An attacker has exploited the vulnerability to...
IOBit Advanced System Care (Asc.exe) 15、Action Download Center 安全漏洞
IOBit Advanced System Care Free and IOBit Action Download Center are both products of the British company IOBit.IOBit Advanced System Care Free is a system management utility. The program is mainly used for scanning, repairing and optimizing the system, etc.IOBit Action Download Center is a...
多款IOBit产品安全漏洞
IOBit Advanced System Care Free is a system management utility. iTop Screen Recorder is a powerful free Windows screen recorder. iTop VPN is a VPN software. iTop VPN is a VPN software. IOBit Advanced System Care Free is a system management utility. iTop Screen Recorder is a product of iTop. iTop...