{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2016-20059", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-04T13:42:51.909Z", "datePublished": "2026-04-04T13:51:02.758Z", "dateUpdated": "2026-04-06T15:28:43.356Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-04T19:59:48.106Z"}, "datePublic": "2016-10-13T00:00:00.000Z", "title": "IObit Malware Fighter 4.3.1 Unquoted Service Path Privilege Escalation", "descriptions": [{"lang": "en", "value": "IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Unquoted Search Path or Element", "cweId": "CWE-428", "type": "CWE"}]}], "affected": [{"vendor": "Iobit", "product": "IObit Malware Fighter", "versions": [{"version": "4.3.1", "status": "affected"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:4.3.1:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:11.0.0.1274:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:9.4.0.776:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:9.2:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:8.0.2.547:*:*:*:-:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:8.0.2.547:*:*:*:pro:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:4.0.3.22:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:4.2.02425:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:4.5.03457:*:*:*:*:*:*:*"}, {"vulnerable": true, "criteria": "cpe:2.3:a:iobit:malware_fighter:5.5.0:*:*:*:*:*:*:*"}]}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 8.5, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS"}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "references": [{"url": "https://www.exploit-db.com/exploits/40525", "name": "ExploitDB-40525", "tags": ["exploit"]}, {"url": "http://www.iobit.com/en/index.php", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.iobit.com/downloadcenter.php?product=malware-fighter-free", "name": "Product Reference", "tags": ["product"]}, {"name": "VulnCheck Advisory: IObit Malware Fighter 4.3.1 Unquoted Service Path Privilege Escalation", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/iobit-malware-fighter-unquoted-service-path-privilege-escalation"}], "credits": [{"lang": "en", "value": "Amir.ght", "type": "finder"}], "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T15:20:09.817311Z", "id": "CVE-2016-20059", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:28:43.356Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2016-20059", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-06T15:20:09.817311Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:20:15.879Z"}}], "cna": {"title": "IObit Malware Fighter 4.3.1 Unquoted Service Path Privilege Escalation", "credits": [{"lang": "en", "type": "finder", "value": "Amir.ght"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Iobit", "product": "IObit Malware Fighter", "versions": [{"status": "affected", "version": "4.3.1"}]}], "datePublic": "2016-10-13T00:00:00.000Z", "references": [{"url": "https://www.exploit-db.com/exploits/40525", "name": "ExploitDB-40525", "tags": ["exploit"]}, {"url": "http://www.iobit.com/en/index.php", "name": "Official Product Homepage", "tags": ["product"]}, {"url": "http://www.iobit.com/downloadcenter.php?product=malware-fighter-free", "name": "Product Reference", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/iobit-malware-fighter-unquoted-service-path-privilege-escalation", "name": "VulnCheck Advisory: IObit Malware Fighter 4.3.1 Unquoted Service Path Privilege Escalation", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-428", "description": "Unquoted Search Path or Element"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:iobit:malware_fighter:4.3.1:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:11.0.0.1274:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:9.4.0.776:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:9.2:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:8.0.2.547:*:*:*:-:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:8.0.2.547:*:*:*:pro:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:4.0.3.22:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:4.2.02425:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:4.5.03457:*:*:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:iobit:malware_fighter:5.5.0:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-04T19:59:48.106Z"}}}, "cveMetadata": {"cveId": "CVE-2016-20059", "state": "PUBLISHED", "dateUpdated": "2026-04-06T15:28:43.356Z", "dateReserved": "2026-04-04T13:42:51.909Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-04T13:51:02.758Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:iobit:malware_fighter:*:*:*:*:free:*:*:*", "matchCriteriaId": "93087180-C98A-458D-9F2A-F3E46DE54B82", "versionEndIncluding": "4.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges."}], "id": "CVE-2016-20059", "lastModified": "2026-04-27T13:27:25.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-04T14:16:18.557", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "http://www.iobit.com/downloadcenter.php?product=malware-fighter-free"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "http://www.iobit.com/en/index.php"}, {"source": "disclosure@vulncheck.com", "tags": ["Exploit", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/40525"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/iobit-malware-fighter-unquoted-service-path-privilege-escalation"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-428"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "4.3.1"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "IObit Malware Fighter", "source": "cna", "vendor": "Iobit"}, "product": "malware_fighter", "vendor": "iobit"}], "analysis": {"en": {"generated_at": "2026-04-04T18:22:44.701954+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest IObit Malware Fighter release that quotes the service paths and eliminates the privilege escalation route.", "If an upgrade is not immediately possible, stop the IMFservice and LiveUpdateSvc services to prevent the execution of malicious code.", "Delete or rename the service binaries that reside in the unquoted path to block the resolution mechanism.", "Monitor IObit\u2019s security advisories for updates and apply them as soon as they become available."], "summary": {"action": "Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the IObit Malware Fighter product family, particularly version 4.3.1 and other 4.x releases that use the same IMFservice and LiveUpdateSvc binaries. Venders are IObit, and any installation of the application on a Windows workstation is potentially impacted when the services are configured with unquoted paths.", "description_and_impact": "IObit Malware Fighter 4.3.1 exposes an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services. The flaw, categorized as CWE\u2011428, allows a local attacker to supply a path that is interpreted by the operating system, enabling the attacker to drop a malicious executable before the intended service binary. When the service restarts or the system reboots, that executable runs with LocalSystem privileges, allowing the attacker to gain full control of the machine.", "risk_and_exploitability": "The CVSS base score of 8.5 indicates high severity. Because the exploit requires only local user access and no network interaction, it is feasible in environments where end users have interactive access to the machine. The EPSS score is not available, but the lack of external exposure does not diminish the risk for typical desktop deployments. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog, yet its impact remains significant for users who have not upgraded to a version that properly quotes service paths."}}}}, "created": "2026-04-06T20:27:17.408343+00:00", "updated": "2026-04-06T21:57:52.406469+00:00", "vendors": ["iobit", "iobit$PRODUCT$malware_fighter"]}