IOCTL Vulnerability in IObit Advanced SystemCare Driver
CVE-2018-16711

8.8HIGH

Key Information:

Vendor: Iobit
Status: Advanced Systemcare
Vendor: CVE Published:; 26 September 2018

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2018-16711?

An IOCTL vulnerability exists in IObit Advanced SystemCare, particularly in the drivers Monitor_win10_x64.sys and Monitor_win7_x64.sys. This flaw allows a malicious user to send specially crafted IOCTL requests to the driver. By exploiting this vulnerability, an attacker can execute a wrmsr instruction with user-defined content, potentially leading to unauthorized access or control over the system. Affected versions include 1.2.0.5 and possibly earlier iterations.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2018-16711
Created by DownWithUp

References

https://downwithup.github.io/CVEPosts.html

x_refsource_MISC

EPSS Score

8% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 26, 2018
🟡
Public PoC available
Sep 18, 2018
👾
Exploit known to exist
Sep 18, 2018
Vulnerability Reserved
Sep 7, 2018

Iobit

Badges

What is CVE-2018-16711?

Exploit Proof of Concept (PoC)

References

EPSS Score

CVSS V3.1

Timeline