Iobit · Advanced Systemcare · CVE-2020-37232
**Name of the Vulnerable Software and Affected Versions**
Advanced System Care Service version 13.0.0.157
**Description**
An unquoted service path issue exists in the `AdvancedSystemCareService13` service binary path. This allows local attackers to escalate privileges by placing malicious executables in the system root path, which are then executed with LocalSystem privileges during system reboot or service startup.
**Recommendations**
For version 13.0.0.157, ensure the service binary path for `AdvancedSystemCareService13` is properly quoted or restrict write access to the system root path to prevent the placement of unauthorized executables.