CVE-2022-24139
Last modified
CVE-2022-24139 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.
Description
In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used.
Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Iobit | Advanced System Care | 15 |
References
- http://advanced.comNot Applicable
- http://iobit.comVendor Advisory
- https://github.com/tomerpeled92/CVE/Third Party Advisory
- http://advanced.comNot Applicable
- http://iobit.comVendor Advisory
- https://github.com/tomerpeled92/CVE/Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-24139?
How severe is CVE-2022-24139?
How do I fix CVE-2022-24139?
Are you affected by CVE-2022-24139?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST