header-logo
Suggest Exploit
vendor:
Advanced System Care Service 13
by:
Jair Amezcua
5.5
CVSS
MEDIUM
Unquoted service paths in Advanced System Care Service 13 v13.0.0.157 have an unquoted service path. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If […]
428
CWE
Product Name: Advanced System Care Service 13
Affected Version From: 13.0.0.157
Affected Version To:
Patch Exists: NO
Related CWE:
CPE: advanced_system_care_service_13
Metasploit:
Other Scripts:
Platforms Tested: Windows 10 64bit(EN)
2020

Advanced System Care Service 13 – ‘AdvancedSystemCareService13’ Unquoted Service Path

Unquoted service paths in Advanced System Care Service 13 v13.0.0.157 have an unquoted service path. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.

Mitigation:

To mitigate this vulnerability, ensure that all service paths are quoted correctly in the system.
Source

Exploit-DB raw data:

# Title: Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path
# Author: Jair Amezcua
# Date: 2020-11-10
# Vendor Homepage: https://www.iobit.com
# Software Link: https://www.iobit.com/es/advancedsystemcarepro.php
# Version : 13.0.0.157
# Tested on: Windows 10 64bit(EN)
# CVE : N/A

# 1. Description:
# Unquoted service paths in Advanced System Care Service 13  v13.0.0.157 have an unquoted service path.

# PoC
===========

C:\>sc qc AdvancedSystemCareService13
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: AdvancedSystemCareService13
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files (x86)\Advanced SystemCare Pro\ASCService.exe
        LOAD_ORDER_GROUP   : System Reserved
        TAG                : 0
        DISPLAY_NAME       : Advanced SystemCare Service 13
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem



#Description Exploit:
# A successful attempt would require the local user to be able to insert their code in the system root path 
# undetected by the OS or other security applications where it could potentially be executed during 
# application startup or reboot. If successful, the local user's code would execute with the elevated 
# privileges of the application.

Navigation

Suggest Exploit

Services By CQR