IObit Malware Fighter Unquoted Service Path Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in IObit Malware Fighter version 4.3.1. The issue arises from an unquoted service path in the 'IMFservice' and 'LiveUpdateSvc' services, allowing local attackers to escalate privileges. By inserting a malicious executable into the unquoted service path, attackers can execute code with LocalSystem privileges when the service is restarted or the system is rebooted.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, with executed code running under the LocalSystem account, which has extensive rights on the system.

Reproduction

To reproduce this vulnerability, first confirm that IObit Malware Fighter version 4.3.1 is installed on a Windows system. Next, insert a malicious executable into the unquoted service path of either the 'IMFservice' or 'LiveUpdateSvc' service. This can be done by placing the executable in the directory specified by the service's binary path. Once the executable is in place, restart the service or reboot the system. The malicious code will be executed with LocalSystem privileges, completing the exploitation of the vulnerability.