VYPR

Advanced System Care

by Iobit

CVEs (28)

  • CVE-2018-16711HigSep 26, 2018
    risk 0.57cvss 8.8epss 0.02

    IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction…

  • CVE-2020-37232HigMay 16, 2026
    risk 0.51cvss 7.8epss 0.00

    Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be…

  • CVE-2016-20055HigApr 4, 2026
    risk 0.51cvss 7.8epss 0.00

    IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the service path and trigger privilege escalation when…

  • CVE-2018-9041HigMar 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004.

  • CVE-2018-9003HigMar 25, 2018
    risk 0.51cvss 7.8epss 0.00

    In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000.

  • CVE-2026-7832HigMay 5, 2026
    risk 0.46cvss 7.0epss 0.00

    A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It…

  • CVE-2018-16713MedSep 26, 2018
    risk 0.42cvss 6.5epss 0.02

    IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction…

  • CVE-2018-16712MedSep 26, 2018
    risk 0.42cvss 6.5epss 0.01

    IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.

  • CVE-2024-12662Dec 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0. This affects the function 0x8001E040 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has…

  • CVE-2024-12661Dec 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer…

  • CVE-2024-12660Dec 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer…

  • CVE-2024-12659Dec 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been classified as problematic. Affected is the function 0x8001E004 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference.…

  • CVE-2024-12658Dec 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This issue affects the function 0x8001E01C in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Local…

  • CVE-2024-12657Dec 16, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer…

  • CVE-2022-24140Jul 6, 2022
    risk 0.00cvss epss 0.01

    IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the…

  • CVE-2022-24139Jul 6, 2022
    risk 0.00cvss epss 0.00

    In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the…

  • CVE-2022-24138Jul 6, 2022
    risk 0.00cvss epss 0.01

    IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the…

  • CVE-2021-44968Feb 18, 2022
    risk 0.00cvss epss 0.00

    A Use after Free vulnerability exists in IOBit Advanced SystemCare 15 pro via requests sent in sequential order using the IOCTL driver codes, which could let a malicious user execute arbitrary code or a Denial of Service (system crash). IOCTL list: iobit_ioctl = [0x8001e01c,…

  • CVE-2021-21785Aug 5, 2021
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this…

  • CVE-2021-21792Aug 5, 2021
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in…

Page 1 of 2