IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service
CVE-2023-1638

5.5MEDIUM

Key Information:

Vendor

Iobit

Status
Malware Fighter
Vendor
CVE Published:
26 March 2023

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2023-1638?

A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-224018 is the identifier assigned to this vulnerability.

Affected Version(s)

Malware Fighter 9.4.0.776

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-1638 - Proof of Concept

References

https://vuldb.com/?id.224018
vdb-entrytechnical-description
https://vuldb.com/?ctiid.224018
signaturepermissions-required
https://github.com/zeze-zeze/WindowsKernelVuln/tree/maste...
related

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Zeze7w (VulDB User)
.