Vulnerabilities > CVE-2024-12662 - NULL Pointer Dereference vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58/14.2.0.220

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
iobit
CWE-476

Summary

A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0. This affects the function 0x8001E040 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part Description Count
Application
Iobit
2

Common Weakness Enumeration (CWE)