exploitDog

CVE-2021-44968

Опубликовано: 18 фев. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c, 0x8001e020, 0x8001e024, 0x8001e040,0x8001e044, 0x8001e048, 0x8001e04c, 0x8001e000, 0x8001e004, 0x8001e008, 0x8001e00c, 0x8001e010, 0x8001e014, 0x8001e018]

Ссылки

https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/iobit_advenced_system_care
Exploit
Third Party Advisory
https://github.com/Quadron-Research-Lab/Kernel_Driver_bugs/tree/main/iobit_advenced_system_care
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:iobit:advanced_systemcare:15:*:*:*:pro:*:*:*

EPSS

Процентиль: 24%

0.00079

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-7827-pcxj-hcmr

github

почти 4 года назад

A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c, 0x8001e020, 0x8001e024, 0x8001e040,0x8001e044, 0x8001e048, 0x8001e04c, 0x8001e000, 0x8001e004, 0x8001e008, 0x8001e00c, 0x8001e010, 0x8001e014, 0x8001e018]

EPSS

Процентиль: 24%

0.00079

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-416