IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service
CVE-2023-1645

5.5MEDIUM

Key Information:

Vendor: Iobit
Status: Malware Fighter
Vendor: CVE Published:; 26 March 2023

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2023-1645?

A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been classified as problematic. This affects the function 0x8018E008 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224025 was assigned to this vulnerability.

Affected Version(s)

Malware Fighter 9.4.0.776

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-1645 - Proof of Concept

References

https://vuldb.com/?id.224025

vdb-entrytechnical-description

https://vuldb.com/?ctiid.224025

signaturepermissions-required

https://github.com/zeze-zeze/WindowsKernelVuln/tree/maste...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 26, 2023
👾
Exploit known to exist
Mar 26, 2023
Vulnerability published
Mar 26, 2023
Vulnerability Reserved
Mar 26, 2023

Credit

Zeze7w (VulDB User)

Iobit

Badges

What is CVE-2023-1645?

Affected Version(s)

Exploit Proof of Concept (PoC)

References

CVSS V3.1

Timeline

Credit