virus logo FortiClient Vulnerability

IObit Advanced SystemCare CVE-2022-24138 Information Disclosure Vulnerability

description-logoDescription

IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has \"rwx\" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).

affected-products-logoAffected Applications

Advanced SystemCare

CVE References

CVE-2022-24138

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24138
ID 4433
Created Jul 20, 2022
Description
Updated		 Oct 26, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor IObit
Patch manual
Application Advanced SystemCare