Back to search
CVE-2022-24138
Published: Jul 6, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://advanced.com
x_refsource_MISC
http://iobit.com
x_refsource_MISC
https://github.com/tomerpeled92/CVE/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now