PT-2018-18805 · Iobit · Advanced Systemcare Ultimate

Published

2018-03-27

Updated

2018-03-30

CVE-2018-9043

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Advanced SystemCare Ultimate version 11.0.1.58

Description The issue in Advanced SystemCare Ultimate allows local users to cause a denial of service, potentially leading to a Blue Screen of Death (BSOD), due to the driver file Monitor win10 x64.sys not validating input values from the IOCtl 0x9c4060d0. This could have unspecified other impacts.

Recommendations For Advanced SystemCare Ultimate version 11.0.1.58, consider disabling the Monitor win10 x64.sys driver file as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2018-9043

Affected Products

Advanced Systemcare Ultimate

PT-2018-18805 · Iobit · Advanced Systemcare Ultimate

CVE-2018-9043

Weakness Enumeration

Related Identifiers

Affected Products

References · 3