CVE-2018-9041: Input Validation
First published: Tue Mar 27 2018(Updated: )
In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IObit Advanced SystemCare | =11.0.1.58 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2018-9041.
What is the severity of CVE-2018-9041?
The severity of CVE-2018-9041 is high and has a severity value of 7.8.
How does Advanced SystemCare Ultimate 11.0.1.58 handle input values from IOCtl 0x9c402004?
Advanced SystemCare Ultimate 11.0.1.58 does not validate input values from IOCtl 0x9c402004, which can allow a local user to cause a denial of service (BSOD) or possibly have other unspecified impacts.
Is there a Proof of Concept (PoC) available?
Yes, there is a Proof of Concept (PoC) available for this vulnerability. You can find it at: https://github.com/D0neMkj/POC_BSOD/tree/master/Advanced%20SystemCare%20Utimate/Monitor_win10_x64.sys-0x9c402004
How can I fix the vulnerability in Advanced SystemCare Ultimate 11.0.1.58?
To fix the vulnerability in Advanced SystemCare Ultimate 11.0.1.58, you should update to a patched version of the software when it becomes available.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/iobit
- canonical/iobit advanced systemcare
- version/iobit advanced systemcare/11.0.1.58