Vulnerability Details : CVE-2022-24138
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of the IOBit suite into the ProgramData folder, which has "rwx" permissions for unprivileged users. A low-privilege user can use SetOpLock to wait for CreateProcess and swap the genuine component for a malicious executable, thus gaining code execution as a high-privilege user (Low Privilege -> high integrity ADMIN).
Products affected by CVE-2022-24138
- cpe:2.3:a:iobit:advanced_systemcare:15:*:*:*:pro:*:*:*
- cpe:2.3:a:iobit:advanced_systemcare:15:*:*:*:free:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-24138
- 0.05%: Probability of exploitation activity in the next 30 days
- ~ 19 %: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-24138
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
CWE ids for CVE-2022-24138
- The product makes files or directories accessible to unauthorized actors, even though they should not be. Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-24138
- https://github.com/tomerpeled92/CVE/ (GitHub - tomerpeled92/CVE; Third Party Advisory)
- http://advanced.com (Advanced Interconnections | Interconnect Solutions; Not Applicable)
- http://iobit.com (Macbooster ® Official Site - Download MacBooster 8 - Enjoy a Faster and More Secure Mac; Vendor Advisory)