Path traversal

IOBit IOTransfer V4 is vulnerable to Unquoted Service Path...

CVE-2022-37197

CVE-2022-37197 concerns IOBit IOTransfer V4 with an Unquoted Service Path, specifically the IOTUpdaterSvc binary path (C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe). Public sources (NVD/Red Hat/CVE lists, Exploit-DB, PT Security) confirm a local vulnerability where an unquoted service...

CVE-2022-37197

IOBit IOTransfer V4 is vulnerable to Unquoted Service Path...

PT-2022-23867 · Iobit · Iobit Iotransfer

Name of the Vulnerable Software and Affected Versions: IOBit IOTransfer version 4 Description: The issue is related to an unquoted service path in IOBit IOTransfer. This could potentially allow for exploitation. Recommendations: For IOBit IOTransfer version 4, update to a newer version that fixes...

CVE-2022-37197

IOBit IOTransfer V4 is vulnerable to Unquoted Service Path...

IOBit IOTransfer 代码问题漏洞

IOBit IOTransfer is an easy-to-use iOS file transfer tool, phone cleaner, and video downloader from IOBit. Easily transfer/synchronize/move/backup photos, music, videos, contacts and more. A security vulnerability exists in version V4 of IOBit IOTransfer, which stems from its unquoted service pat...

CVE-2022-37771

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

CVE-2022-37771

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

CVE-2022-37771

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

Code injection

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

CVE-2022-37771

CVE-2022-37771 affects IObit Malware Fighter v9.2 on Windows, where lack of tamper protection lets an authenticated Administrator modify application processes and escalate to SYSTEM via a crafted executable. The issue is described as a local vulnerability with high impact on confidentiality, inte...

CVE-2022-37771

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable...

IObit Malware Fighter 安全漏洞

IOBit Malware Fighter is a suite of antivirus software for Windows-based platforms from IOBit. The program has anti-malware and virus protection features. A security vulnerability exists in IObit Malware Fighter v9.2, which is caused by allowing an authenticated attacker with administrator...

PT-2022-24061 · Iobit · Iobit Malware Fighter

Name of the Vulnerable Software and Affected Versions: IObit Malware Fighter version 9.2 Description: The issue allows authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable, due to the lack of...

IObit Malware Fighter 9.2 Tampering / Privilege Escalation Vulnerability

IObit Malware Fighter version 9.2 fails to provide sufficient anti-tampering protection and that shortcoming can be leveraged to escalate to SYSTEM privileges. + Credits: Yehia Elghaly aka Mrvar0x + Website: https://mrvar0x.com/ + Source:...

IObit Malware Fighter 9.2 Tampering / Privilege Escalation

Credits: Yehia Elghaly aka Mrvar0x + Website: https://mrvar0x.com/ + Source: "https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/" Vendor: ============= www.iobit.com Product: =========== IObit Malware Fighter 9.2 IObit Malware Fighter is an advanced malware & spyware...

IOBit IOTransfer Arbitrary File Write (CVE-2022-24562)

An arbitrary file write vulnerability exists in IOBit IOTransfer. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access arbitrary file...

CVE-2022-24140

IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file a...

CVE-2022-24139

In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...

CVE-2022-24139

In IOBit Advanced System Care AscService.exe 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to...