VYPR
Vendor

Iobit

Products
13
CVEs
68
Across products
71
Status
Private

Products

13

Recent CVEs

68
View all 68 CVEs →
  • CVE-2018-16711HigSep 26, 2018
    risk 0.57cvss 8.8epss 0.02

    IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction…

  • CVE-2020-37232HigMay 16, 2026
    risk 0.51cvss 7.8epss 0.00

    Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be…

  • CVE-2020-37223HigMay 13, 2026
    risk 0.51cvss 7.8epss 0.00

    IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and…

  • CVE-2016-20059HigApr 4, 2026
    risk 0.51cvss 7.8epss 0.00

    IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege…

  • CVE-2016-20055HigApr 4, 2026
    risk 0.51cvss 7.8epss 0.00

    IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the service path and trigger privilege escalation when…

  • CVE-2020-36952HigJan 26, 2026
    risk 0.51cvss 7.8epss 0.00

    IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would…

  • CVE-2024-7324HigJul 31, 2024
    risk 0.51cvss 7.8epss 0.00

    A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic_.bpl of the component BPL Handler. The manipulation leads to uncontrolled search path. Local…

  • CVE-2018-9041HigMar 27, 2018
    risk 0.51cvss 7.8epss 0.00

    In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004.

  • CVE-2018-9003HigMar 25, 2018
    risk 0.51cvss 7.8epss 0.00

    In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000.

  • CVE-2025-26125HigMar 17, 2025
    risk 0.47cvss 7.3epss 0.00

    An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges.

  • CVE-2026-7832HigMay 5, 2026
    risk 0.46cvss 7.0epss 0.00

    A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It…

  • CVE-2018-16713MedSep 26, 2018
    risk 0.42cvss 6.5epss 0.02

    IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction…

  • CVE-2018-16712MedSep 26, 2018
    risk 0.42cvss 6.5epss 0.01

    IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.

  • CVE-2026-12201MedJun 15, 2026
    risk 0.34cvss 5.3epss 0.00

    A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The…

  • CVE-2022-24562Jun 16, 2022
    risk 0.07cvss epss 0.53

    In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution.

  • CVE-2022-37197Nov 18, 2022
    risk 0.03cvss epss 0.01

    IOBit IOTransfer V4 is vulnerable to Unquoted Service Path.

  • CVE-2025-66676Feb 13, 2026
    risk 0.00cvss epss 0.00

    An issue in IObit Unlocker v1.3.0.11 allows attackers to cause a Denial of Service (DoS) via a crafted request.

  • CVE-2025-0223Jan 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null…

  • CVE-2025-0222Jan 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An…

  • CVE-2025-0221Jan 5, 2025
    risk 0.00cvss epss 0.00

    A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs…