Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:56 p.m.10 views

CVE-2022-24138

IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...

7.8CVSS7.5AI score0.00573EPSS
Exploits0References1
NVD
NVD
added 2022/07/06 1:15 p.m.27 views

CVE-2022-24138

IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...

7.8CVSS0.00573EPSS
Exploits0References1
CVE
CVE
added 2022/07/06 12:41 p.m.69 views

CVE-2022-24138

CVE-2022-24138 affects IOBit Advanced System Care (Asc.exe) 15 and Action Download Center. The root cause is that components are downloaded into the ProgramData folder, which has broad (rwx) permissions for unprivileged users, allowing a low-privilege user to exploit SetOpLock to wait for CreateP...

7.8CVSS7.7AI score0.00573EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/07/06 12:41 p.m.43 views

CVE-2022-24138

IOBit Advanced System Care Asc.exe 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with ...

8AI score0.00573EPSS
Exploits0References1
Rows per page
Query Builder