CVE-2020-14974

EUVD-2020-7104
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
iobitiobit_unlocker
1.1.2
𝑥
= Vulnerable software versions
References
https://theevilbit.github.io/posts/
https://www.iobit.com/en/iobit-unlocker.php
https://theevilbit.github.io/posts/
https://www.iobit.com/en/iobit-unlocker.php