CVE-2020-37223
Published: 13 May 2026
Summary
CVE-2020-37223 is a high-severity Unquoted Search Path or Element (CWE-428) vulnerability in Iobit (inferred from references). Its CVSS base score is 8.5 (High).
Operationally, ranked at the 2.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31224
Vulnerability details
IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and restart the…
more
service to execute code with SYSTEM privileges.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.