Vulnerabilities > CVE-2025-0222 - NULL Pointer Dereference vulnerability in I0Bit Protected Folder

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

i0bit

CWE-476

NVD

Published: 2025-01-05

Updated: 2025-01-23

Summary

A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Configurations

Part	Description	Count
Application	I0Bit I0Bit Protected Folder 13.6.0.1 I0Bit Protected Folder 13.6.0.2 I0Bit Protected Folder 13.6.0.3 I0Bit Protected Folder 13.6.0.4 I0Bit Protected Folder 13.6.0.5	5

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References