IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.
References
Link | Resource |
---|---|
https://daniels-it-blog.blogspot.com/2020/06/arbitrary-file-deletion-in-iobit.html | Exploit Third Party Advisory |
https://github.com/Daniel-itsec/AdvancedSystemCare | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-06-22 21:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-14990
Mitre link : CVE-2020-14990
CVE.ORG link : CVE-2020-14990
JSON object : View
Products Affected
iobit
- advanced_systemcare
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')