CVE-2022-24138

IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).

Published: Jul 6, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-24138
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-552

Affected Software
References

Software	From	Fixed in
iobit / advanced_systemcare	15	15.x

http://advanced.com
http://iobit.com
https://github.com/tomerpeled92/CVE/

Vulnerability Database

290,020

CVE-2022-24138