Description
IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and restart the service to execute code with SYSTEM privileges.
Published: 2026-05-13
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A local attacker can exploit an unquoted service path in the IObitUnSvr service of IObit Uninstaller 9.5.0.15. By placing a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and restarting the service, the attacker gains SYSTEM level privileges, effectively escalating local access to full administrative control of the host. The weakness is identified as CWE-428: Unquoted Service Path.

Affected Systems

The vulnerability affects installations of IObit Uninstaller version 9.5.0.15 that run the IObitUnSvr service. Systems with this version deployed in the C:\Program Files (x86)\IObit folder are at risk; earlier or later major versions are not confirmed to be vulnerable by the available data.

Risk and Exploitability

The CVSS score of 8.5 classifies this issue as a high severity vulnerability. Exploitation requires local access to the machine but does not require special software or network connectivity beyond normal local privileges; the EPSS score is currently not available. Because the vulnerability is not listed in the CISA KEV catalog, no active known exploits are reported, but the attack path is straightforward: place the malicious executable and restart the compromised service. The potential impact includes full control over the affected system, which could enable data theft, persistence, or lateral movement. However, these outcomes are inferred from the elevated privileges and are not explicitly demonstrated in the available data.

Generated by OpenCVE AI on May 13, 2026 at 17:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor’s latest patch or upgrade to a version of IObit Uninstaller that eliminates the unquoted service path.
  • If an update is unavailable, remove or rename any file named IObit.exe in the IObit uninstaller directory and disable or delete the IObitUnSvr service to prevent execution.
  • Ensure that local user accounts have strong passwords, limit local administrative privileges, and monitor for unauthorized changes to the IObitUnSvr service or the IObit directory.

Generated by OpenCVE AI on May 13, 2026 at 17:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 14 May 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Iobit
Iobit uninstaller
Vendors & Products Iobit
Iobit uninstaller

Wed, 13 May 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 13 May 2026 15:15:00 +0000

Type Values Removed Values Added
Description IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and restart the service to execute code with SYSTEM privileges.
Title IObit Uninstaller 9.5.0.15 Unquoted Service Path Privilege Escalation
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Iobit Uninstaller
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-13T18:20:26.990Z

Reserved: 2026-05-13T14:10:06.850Z

Link: CVE-2020-37223

cve-icon Vulnrichment

Updated: 2026-05-13T18:15:28.775Z

cve-icon NVD

Status : Deferred

Published: 2026-05-13T16:16:33.847

Modified: 2026-05-13T17:07:21.030

Link: CVE-2020-37223

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T14:30:15Z

Weaknesses