CVE-2023-1638 – IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service
https://notcve.org/view.php?id=CVE-2023-1638
A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. • https://drive.google.com/file/d/1_jYlCkQMNaUwGV5QJtyz4zhdTqaGCv6Z/view https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1638 https://vuldb.com/?ctiid.224018 https://vuldb.com/?id.224018 • CWE-404: Improper Resource Shutdown or Release •
CVE-2022-37771
https://notcve.org/view.php?id=CVE-2022-37771
IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable. IObit Malware Fighter versión v9.2 para Microsoft Windows carece de protección contra manipulaciones, permitiendo a atacantes autenticados con privilegios de administrador modificar los procesos dentro de la aplicación y escalar los privilegios a SYSTEM por medio de un ejecutable diseñado. • https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2020-23864
https://notcve.org/view.php?id=CVE-2020-23864
An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder. Se presenta un problema en IOBit Malware Fighter versión 8.0.2.547. La escalada local de privilegios es posible al colocar un archivo DLL malicioso en la carpeta WindowsApps • http://daniels-it-blog.blogspot.com/2020/07/iobit-malware-fighter-arbitrary-code.html •
CVE-2020-15401
https://notcve.org/view.php?id=CVE-2020-15401
IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link. IOBit Malware Fighter Pro versión 8.0.2.547, permite a usuarios locales alcanzar privilegios para una eliminación de archivos al manipular ubicaciones de archivos con marcas maliciosas con una unión NTFS y un enlace simbólico de Object Manager • http://daniels-it-blog.blogspot.com/2020/06/when-your-anti-virus-turns-against-you.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2019-6494
https://notcve.org/view.php?id=CVE-2019-6494
IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privileged user to send IOCTL 0x8016E000 along with a user defined string to a file; that file will be promptly deleted regardless of access controls. En la biblioteca IMFForceDelete.sys en IObit Malware Fighter versión 6.2 permite a un usuario con pocos privilegios enviar IOCTL 0x8016E000 junto con una cadena definida por el usuario hacia un archivo; ese archivo se eliminará rápidamente, independientemente de los controles de acceso. • https://downwithup.github.io/CVEPosts.html •