PT-2018-14799 · Iobit · Iobit Malware Fighter

Published

2018-11-10

Updated

2020-08-24

CVE-2018-19086

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IOBit Malware Fighter version 6.2

Description The issue is related to a stack-based buffer overflow in the RegFilter.sys driver. This occurs when an attacker uses the IOCTL 0x8006E040 with a size larger than 8 bytes, potentially leading to denial of service or code execution with root privileges.

Recommendations For IOBit Malware Fighter version 6.2, consider disabling the RegFilter.sys driver until a patch is available to prevent potential exploitation. Restrict access to the IOCTL 0x8006E040 to minimize the risk of denial of service or code execution with root privileges.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2018-19086

Affected Products

Iobit Malware Fighter

PT-2018-14799 · Iobit · Iobit Malware Fighter

CVE-2018-19086

Weakness Enumeration

Related Identifiers

Affected Products

References · 3