CVE-2020-10234
Last modified
CVE-2020-10234 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. EPSS estimates a 3.77% chance of exploitation in the next 30 days.
Description
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \DosDevices\AscRegistryFilter and \Device\AscRegistryFilter are affected.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Iobit | Advanced Systemcare | 13.2 |
References
- https://github.com/FULLSHADE/Kernel-exploitsThird Party Advisory
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/AscRegistryFilter.sysExploit, Third Party Advisory
- https://www.iobit.com/en/advancedsystemcarefree.phpProduct, Vendor Advisory
- https://github.com/FULLSHADE/Kernel-exploitsThird Party Advisory
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/AscRegistryFilter.sysExploit, Third Party Advisory
- https://www.iobit.com/en/advancedsystemcarefree.phpProduct, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-10234?
How severe is CVE-2020-10234?
How do I fix CVE-2020-10234?
Are you affected by CVE-2020-10234?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST