CVE-2023-1638 MEDIUM

CVE-2023-1638: IObit Malware Fighter IOCTL ImfRegistryFilter.sys 0x8001E040 denial of service

Vendor Iobit
Product Malware Fighter
Weakness CWE-404
Published March 26, 2023
Last update February 19, 2025

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been rated as problematic. Affected by this issue is the function 0x8001E024/0x8001E040 in the library ImfRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-224018 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

March 26, 2023 CVE published
February 19, 2025 Record updated