CVE-2016-20059 in Malware Fighterinfo

Summary

IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsible

VulnCheck

Reservation

04/04/2026

Disclosure

04/04/2026

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
355371IObit Malware Fighter LiveUpdateSvc Service unquoted search path428Proof-of-ConceptNot definedCVE-2016-20059

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!