CVE-2023-1646

Name of the Vulnerable Software and Affected Versions IObit Malware Fighter version 9.4.0.776

Description A critical issue affects the IMFCameraProtect.sys library in the IOCTL Handler component, leading to a stack-based buffer overflow due to the manipulation of the function 0x8018E000/0x8018E004. This can be exploited locally, potentially allowing an attacker to elevate their privileges. The exploit has been publicly disclosed.

Recommendations For IObit Malware Fighter version 9.4.0.776, as a temporary workaround, consider disabling the IMFCameraProtect.sys library until a patch is available. Restrict access to the IOCTL Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.