Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IOBit Advanced System Care (Asc.exe) 15、Action Download Center 安全漏洞
Vulnerability Description
IOBit Advanced System Care Free和IOBit Action Download Center都是英国IOBit公司的产品。IOBit Advanced System Care Free是一款系统管理实用程序。该程序主要用于扫描、修复和优化系统等。IOBit Action Download Center是一个下载器。 IOBit Advanced System Care (Asc.exe) 15、Action Download Center存在安全漏洞。攻击者利用该漏洞升级权限并
CVSS Information
N/A
Vulnerability Type
N/A