Skip to main content

IObit Advanced SystemCare EUVD-2026-27317

| CVE-2026-7832 MEDIUM
UNIX Symbolic Link (Symlink) Following (CWE-61)
2026-05-05 VulDB
Information Disclosure
6.4
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
May 05, 2026 - 13:30 vuln.today
Severity Changed
May 05, 2026 - 13:22 NVD
HIGH MEDIUM
CVSS changed
May 05, 2026 - 13:22 NVD
7.0 (HIGH) 6.4 (MEDIUM)

DescriptionNVD

A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component Service. The manipulation results in symlink following. Attacking locally is a requirement. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks.

AnalysisAI

IObit Advanced SystemCare 19 contains a symlink following vulnerability in the ASC.exe Service component that allows local authenticated attackers to achieve high-impact confidentiality and integrity violations. The vulnerability requires local access and elevated privileges (PR:L) but has high attack complexity (AC:H), making real-world exploitation difficult despite public exploit availability. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-27317 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy