← Back to CVEs
CVE-2022-37771
MEDIUM6.7
Description
IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.
CVE Details
CVSS v3.1 Score6.7
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published9/6/2022
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
iobit:malware_fightermicrosoft:windows
Weaknesses (CWE)
CWE-732
References
https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html(cve@mitre.org)
https://mrvar0x.com/2022/08/02/multiple-endpoints-security-tampering-exploit/(af854a3a-2127-422b-91ae-364da2661108)
https://packetstormsecurity.com/files/167913/IObit-Malware-Fighter-9.2-Tampering-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.