What is CVE-2020-36952?

CVE-2020-36952 is a high-severity vulnerability in Iobit Uninstaller, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-01-26.

How severe is CVE-2020-36952?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Iobit Uninstaller

CVE-2020-36952

IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service…

EPSS: 0.000 (0.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Iobit Uninstaller — versions 10

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

ExploitDB-49371 (exploit)
IObit Official Homepage (product)
VulnCheck Advisory: IObit Uninstaller 10 Pro - Unquoted Service Path (third-party-advisory)

Frequently asked questions

What is CVE-2020-36952?: CVE-2020-36952 is a high-severity vulnerability in Iobit Uninstaller, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-01-26.
How severe is CVE-2020-36952?: High severity. CVSS v3 base score is 7.8 out of 10.