3 matches found
CVE-2022-24140
The CVE-2022-24140 entry affects IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot. The issue arises in the update mechanism: products fetch a config file via HTTP, parse the update location from that file, and automatically install updat...
CVE-2022-24139
The CVE concerns IOBit Advanced System Care, ASCService.exe (version 15). An attacker with SEImpersonatePrivilege can create a named pipe that reuses one of ASCService’s expected named pipe names. ASCService first attempts to connect to the named pipe before creating its pipes, so during login th...
CVE-2016-20055
CVE-2016-20055 affects IObit Advanced SystemCare 10.0.2. The vulnerability is an unquoted service path in the AdvancedSystemCareService10 service; a local attacker can place a malicious executable in the service’s path and trigger privilege escalation when the service restarts or the system reboo...