IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN).
References
Link | Resource |
---|---|
http://advanced.com | Not Applicable |
http://iobit.com | Vendor Advisory |
https://github.com/tomerpeled92/CVE/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-06T12:41:26
Updated: 2022-07-06T12:41:26
Reserved: 2022-01-31T00:00:00
Link: CVE-2022-24138
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-07-06T13:15:09.230
Modified: 2022-07-14T01:09:30.067
Link: CVE-2022-24138
JSON object: View
Redhat Information
No data.
CWE