Vulnerability Description
A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iobit | Advanced Systemcare Ultimate | <= 17.0.0 |
Related Weaknesses (CWE)
References
- https://shareforall.notion.site/IOBit-Advanced-SystemCare-Utimate-AscRegistryFilExploitThird Party Advisory
- https://vuldb.com/?ctiid.288526Permissions RequiredVDB Entry
- https://vuldb.com/?id.288526Permissions RequiredVDB Entry
- https://vuldb.com/?submit.456035Third Party AdvisoryVDB Entry
FAQ
What is CVE-2024-12657?
CVE-2024-12657 is a vulnerability with a CVSS score of 5.5 (MEDIUM). A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys ...
How severe is CVE-2024-12657?
CVE-2024-12657 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-12657?
Check the references section above for vendor advisories and patch information. Affected products include: Iobit Advanced Systemcare Ultimate.