CVE-2025-66676

MEDIUM

IObit Unlocker 1.3.0.11 - Denial of Service via Crafted Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-66676. PoCs published by cwjchoi01.

AI-analyzed exploit summary This PoC exploits a vulnerability in IObit Unlocker's driver by sending a crafted IOCTL request to terminate processes. It loads a vulnerable driver, sends malicious input via DeviceIoControl, and unloads the driver afterward.

Description

An issue in IObit Unlocker v1.3.0.11 allows attackers to cause a Denial of Service (DoS) via a crafted request.

Exploits (1)

nomisec WORKING POC

by cwjchoi01 · poc

https://github.com/cwjchoi01/CVE-2025-66676

View Code ZIP pw:eip

This PoC exploits a vulnerability in IObit Unlocker's driver by sending a crafted IOCTL request to terminate processes. It loads a vulnerable driver, sends malicious input via DeviceIoControl, and unloads the driver afterward.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: IObit Unlocker (driver version unspecified)

Auth required

Prerequisites: Local access to the system · IObit Unlocker driver installed · Administrative privileges to load/unload drivers

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1543 - Create or Modify System Process

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources

https://github.com/cwjchoi01/CVE-2025-66676

Various Sources

https://www.iobit.com/en/iobit-unlocker.php

Scores

CVSS v3 6.2

EPSS 0.0016

EPSS Percentile 5.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-400

Status published

Products (1)

iobit/iobit_unlocker 1.3.0.11

Published Feb 13, 2026

Tracked Since Feb 18, 2026