CVE-2024-12659

Summary

CVE-2024-12659 is a newly disclosed vulnerability affecting IObit Advanced SystemCare Ultimate up to version 17.0.0. This issue is classified as problematic due to the null pointer dereference vulnerability found in the function 0x8001E004 within the AscRegistryFilter.sys library's IOCTL Handler. An attacker can locally exploit this flaw, resulting in potential crashes or code execution. Unfortunately, the exploit for this vulnerability has been made public, increasing the risk to affected users. Despite early disclosure to the vendor, there has been no response from them regarding patches or mitigations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.