Vulnerabilities > Iobit
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-26 | CVE-2023-1638 | Improper Resource Shutdown or Release vulnerability in Iobit Malware Fighter 9.4.0.776 A vulnerability was found in IObit Malware Fighter 9.4.0.776. | 5.5 |
| 2023-03-26 | CVE-2023-1639 | Improper Resource Shutdown or Release vulnerability in Iobit Malware Fighter 9.4.0.776 A vulnerability classified as problematic has been found in IObit Malware Fighter 9.4.0.776. | 5.5 |
| 2022-11-18 | CVE-2022-37197 | Unquoted Search Path or Element vulnerability in Iobit Iotransfer 4.0 IOBit IOTransfer V4 is vulnerable to Unquoted Service Path. | 7.8 |
| 2022-07-06 | CVE-2022-24138 | Files or Directories Accessible to External Parties vulnerability in Iobit Advanced Systemcare 15 IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. | 7.2 |
| 2022-07-06 | CVE-2022-24139 | Exposure of Resource to Wrong Sphere vulnerability in Iobit Advanced System Care 15 In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. | 7.2 |
| 2022-07-06 | CVE-2022-24140 | Download of Code Without Integrity Check vulnerability in Iobit products IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. | 6.0 |
| 2022-07-06 | CVE-2022-24141 | Unspecified vulnerability in Iobit Itop VPN 3.2 The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. | 5.5 |
| 2022-06-16 | CVE-2022-24562 | Missing Authentication for Critical Function vulnerability in Iobit Iotransfer 4.3.1.1561 In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution. | 9.8 |
| 2022-02-18 | CVE-2021-44968 | Use After Free vulnerability in Iobit Advanced Systemcare 15 A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service (system crash). | 7.2 |
| 2021-08-05 | CVE-2021-21785 | Unspecified vulnerability in Iobit Advanced Systemcare Ultimate 14.2.0.220 An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. | 2.1 |