CVE-2020-37223

HIGH

IObit Uninstaller 9.5.0.15 Unquoted Service Path Privilege Escalation

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37223. PoCs published by Gobinathan.

AI-analyzed exploit summary: This exploit leverages an unquoted service path vulnerability in IObit Uninstaller 9.5.0.15, allowing local privilege escalation to SYSTEM by placing a malicious executable in a directory with write permissions. The service path lacks quotes, causing Windows to execute the first matching executable in the path.

Description

IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and restart the service to execute code with SYSTEM privileges.
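A defender-side check for the condition described above, as an added example that is not part of the advisory or the referenced PoC: it flags service ImagePath values that are unquoted and contain spaces, lists the directories whose write ACLs then matter, and produces the quoted form. The service names and paths are constructed samples, and the function names are hypothetical.

```python
import ntpath
import re

# Constructed sample ImagePath values, in the form stored under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath (not from the advisory).
SAMPLE_SERVICES = {
    "ExampleSvcUnquoted": r"C:\Program Files (x86)\Example Vendor\Example App\svc.exe /run",
    "ExampleSvcQuoted": r'"C:\Program Files (x86)\Example Vendor\Example App\svc.exe" /run',
    "ExampleSvcNoSpaces": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

def executable_part(image_path):
    """Split an ImagePath into (executable path, was_quoted)."""
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        return (s[1:end] if end != -1 else s[1:]), True
    # Unquoted: the executable runs up to the first ".exe" followed by a space or the end.
    m = re.match(r"(.+?\.exe)(?=\s|$)", s, re.IGNORECASE)
    return (m.group(1) if m else s.split(" ")[0]), False

def audit(image_path):
    """Return a finding for an unquoted path containing spaces, else None."""
    exe, quoted = executable_part(image_path)
    if quoted or " " not in exe:
        return None
    dirs = []
    for i, ch in enumerate(exe):
        if ch == " ":
            # Windows may resolve the text before each space as a program name,
            # so the directory holding that prefix must not be user-writable.
            parent = ntpath.dirname(exe[:i])
            if parent not in dirs:
                dirs.append(parent)
    args = image_path.strip()[len(exe):]
    return {"dirs_to_review": dirs, "fixed_image_path": f'"{exe}"{args}'}

def audit_all(services):
    """Map service name -> finding, for vulnerable entries only."""
    found = {name: audit(path) for name, path in services.items()}
    return {name: f for name, f in found.items() if f}

if __name__ == "__main__":
    for name, finding in audit_all(SAMPLE_SERVICES).items():
        print(name, finding)
```
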

Exploits (1)

exploitdb WORKING POC
by Gobinathan · text · local · windows
https://www.exploit-db.com/exploits/48543


Classification: Working PoC (95%)
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: IObit Uninstaller 9.5.0.15
Auth required
Prerequisites: write permissions to 'C:\Program Files (x86)\IObit' · ability to restart the IObitUnSvr service
devstral-2 · analyzed May 13, 2026

References (4)

Core References
Product Reference (product): https://www.iobit.com/en/advanceduninstaller.php
ExploitDB-48543 (exploit): https://www.exploit-db.com/exploits/48543
Official Product Homepage (product): https://www.iobit.com
VulnCheck Advisory: IObit Uninstaller 9.5.0.15 Unquoted Service Path Privilege Escalation (third-party advisory): https://www.vulncheck.com/advisories/iobit-uninstaller-unquoted-service-path-privilege-escalation

Scores

CVSS v3 7.8
EPSS 0.0012
EPSS Percentile 2.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-428
Status published
Products (1)
Iobit/IObit Uninstaller 9.5.0.15
Published May 13, 2026
Tracked Since May 13, 2026