CVE-2018-16713

Name of the Vulnerable Software and Affected Versions IObit Advanced SystemCare versions 1.2.0.5 and earlier

Description The issue is related to privilege management errors in the utility. Exploitation of this issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information. Specifically, the driver's subroutine executes a rdmsr instruction with user-defined content from a buffer sent via an IOCTL (0x9C402084), potentially allowing a user to influence the output of the instruction.

Recommendations For versions 1.2.0.5 and earlier, consider restricting access to the IOCTL (0x9C402084) to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.