CVE-2024-12661

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

Configuration 1 (hide)

cpe:2.3:a:iobit:advanced_systemcare_ultimate:*:*:*:*:*:*:*:*

History

02 Jul 2025, 19:09

Type Values Removed Values Added
First Time Iobit advanced Systemcare Ultimate
Iobit
References () https://shareforall.notion.site/IOBit-Advanced-SystemCare-Utimate-AscRegistryFilter-0x8001E024-NPD-DOS-15260437bb1e80f28c03f548645c8ec9 - () https://shareforall.notion.site/IOBit-Advanced-SystemCare-Utimate-AscRegistryFilter-0x8001E024-NPD-DOS-15260437bb1e80f28c03f548645c8ec9 - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.288530 - () https://vuldb.com/?ctiid.288530 - Permissions Required, Third Party Advisory, VDB Entry
References () https://vuldb.com/?id.288530 - () https://vuldb.com/?id.288530 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.456338 - () https://vuldb.com/?submit.456338 - Third Party Advisory, VDB Entry
CPE cpe:2.3:a:iobit:advanced_systemcare_ultimate:*:*:*:*:*:*:*:*

16 Dec 2024, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-12-16 19:15

Updated : 2025-07-02 19:09


NVD link : CVE-2024-12661

Mitre link : CVE-2024-12661

CVE.ORG link : CVE-2024-12661


JSON object : View

Products Affected

iobit

  • advanced_systemcare_ultimate
CWE
CWE-404

Improper Resource Shutdown or Release

CWE-476

NULL Pointer Dereference