CVE-2025-26125

HIGH

IObit Malware Fighter <12.1.0 - Privilege Escalation

Title source: llm

Description

An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges.

Exploits (1)

nomisec WORKING POC 166 stars
by ZeroMemoryEx · poc
https://github.com/ZeroMemoryEx/CVE-2025-26125

References (3)

Scores

CVSS v3 7.3
EPSS 0.0011
EPSS Percentile 28.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-782
Status published
Published Mar 17, 2025
Tracked Since Feb 18, 2026