CVE-2022-37771

MEDIUM

6.7

Beschreibung

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.

CVE Details

CVSS v3.1 Bewertung6.7

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienHIGH

BenutzerinteraktionNONE

Veroffentlicht9/6/2022

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

iobit:malware_fightermicrosoft:windows

Schwachen (CWE)

CWE-732

Referenzen

https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/(cve@mitre.org)

https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html(cve@mitre.org)

https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/(af854a3a-2127-422b-91ae-364da2661108)

https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.