CVE-2018-16713: Buffer Overflow
First published: Wed Sep 26 2018(Updated: )
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Iobit Advanced Systemcare | <=1.2.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-16713?
CVE-2018-16713 is a vulnerability in IObit Advanced SystemCare that allows a user to execute arbitrary code.
How does CVE-2018-16713 work?
CVE-2018-16713 allows a user to send a specific IOCTL with a user-defined buffer, which can lead to the execution of arbitrary code.
What version of IObit Advanced SystemCare is affected by CVE-2018-16713?
IObit Advanced SystemCare version 1.2.0.5 (and possibly earlier versions) is affected by CVE-2018-16713.
What is the severity of CVE-2018-16713?
CVE-2018-16713 has a severity rating of 6.5 (Medium).
How can I fix CVE-2018-16713?
To fix CVE-2018-16713, update IObit Advanced SystemCare to a version higher than 1.2.0.5.
- collector/nvd-index
- agent/references
- agent/event
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/iobit
- canonical/iobit advanced systemcare
- version/iobit advanced systemcare/1.2.0.5