IObit Advanced SystemCare Unquoted Service Path Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in IObit Advanced SystemCare version 10.0.2. The issue arises from an unquoted service path in the 'AdvancedSystemCareService10' service, allowing local attackers to escalate privileges. Because the path contains spaces and is not enclosed in quotation marks, Windows can resolve it to an executable other than the intended service binary. By placing a malicious executable in the service path, attackers can trigger the execution of their code with LocalSystem privileges when the service is restarted or the system is rebooted.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, with executed code running under the LocalSystem account, which has extensive rights on the system.

Reproduction

To reproduce this vulnerability, first verify that IObit Advanced SystemCare version 10.0.2 is installed on a Windows system. Check the service configuration using the 'sc qc AdvancedSystemCareService10' command, which will reveal the unquoted service path. Once confirmed, place a malicious executable in the service path. The vulnerability can be exploited by restarting the 'AdvancedSystemCareService10' service or rebooting the system, which will execute the malicious code with elevated privileges.
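For auditing, the 'sc qc' check described above can be automated. The following is an added example, not part of the original advisory: it parses 'sc qc' output, flags an unquoted BINARY_PATH_NAME that contains spaces, and produces the quoted value that removes the ambiguity. The sample output, its placeholder binary path and the function names are constructed for illustration.

```python
import re

# Constructed `sc qc` output. BINARY_PATH_NAME and DISPLAY_NAME are placeholders;
# the advisory does not give the product's real install path.
SAMPLE_SC_QC = r"""
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: AdvancedSystemCareService10
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        BINARY_PATH_NAME   : C:\Program Files\Example Vendor\Example App\ExampleService.exe /svc
        DISPLAY_NAME       : Example Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem
"""

_FIELD = re.compile(r"^\s*([A-Z_]+)\s*:\s?(.*)$")
_EXE = re.compile(r"^(.*?\.exe)(\s.*)?$", re.IGNORECASE)

def parse_sc_qc(text):
    """Return {FIELD: value} for one service's `sc qc` report."""
    fields = {}
    for line in text.splitlines():
        m = _FIELD.match(line)
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return fields

def audit_binary_path(path):
    """Return (unquoted, suggested): flag a space-containing executable path
    that is not quoted, and give the quoted form with arguments preserved."""
    path = path.strip()
    m = _EXE.match(path)
    if path.startswith('"') or not m or " " not in m.group(1):
        return False, path
    return True, f'"{m.group(1)}"{m.group(2) or ""}'

def audit_report(text):
    """Summarise one `sc qc` report for triage."""
    f = parse_sc_qc(text)
    unquoted, suggested = audit_binary_path(f.get("BINARY_PATH_NAME", ""))
    return {"service": f.get("SERVICE_NAME"),
            "account": f.get("SERVICE_START_NAME"),
            "unquoted": unquoted, "suggested": suggested}

if __name__ == "__main__":
    print(audit_report(SAMPLE_SC_QC))
```

A service reported with "unquoted" set to True and a LocalSystem account is the configuration this advisory describes; the "suggested" value is the quoted form the service's binary path should carry.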

Added: Apr 4, 2026, 2:28 PM
Updated: Apr 4, 2026, 2:28 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 10.0
exploitability: 3.8
remediation: 0.0
relevance: 5.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.