128 matches found
CVE-2021-21787
The CVE-2021-21787 issue affects IOBit Advanced SystemCare Ultimate 14.2.0.220, involving the driver’s handling of privileged I/O write requests. In particular, IOCTL 0x9c40a0d8 reads the target device port from the input and uses OUT to write the value, enabling potential local privilege escalat...
CVE-2021-21787
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from Iobit UK. The program is mainly used for scanning, repairing and optimizing the system, etc. requests is an elegant and simple HTTP library for humans from the Python Foundation. With requests, you can send HTTP / 1.1...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing your system, among other things. IOBit Advanced SystemCare Ultimate has a security vulnerability. A specially crafted I/O...
IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities
Summary A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. A specially crafted I/O request packet IRP can lead to privileged writes which can result in elevation of privileges of the current user. A...
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability
Summary An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerabilit...
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability
Summary A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. Tested Versions...
CVE-2020-10234
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...
Code injection
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...
CVE-2020-10234
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...
CVE-2020-10234
The CVE-2020-10234 entry concerns the AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2. Affected components: the kernel driver and device objects \DosDevices\AscRegistryFilter and \Device\AscRegistryFilter. The vulnerability allows an unprivileged user to issue an IOCTL to th...
IObit Advanced SystemCare Security Vulnerability
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing, and optimizing the system, among other things. A security vulnerability exists in IObit Advanced SystemCare 13.2 that allows an...
Arbitrary file deletion
IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link...
CVE-2020-14990
IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link...
The vulnerability of the IOBit Advanced SystemCare optimization tool, related to privilege management errors, allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the IOBit Advanced SystemCare optimization tool is related to privilege management errors. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
The vulnerability of the IOBit Advanced SystemCare optimization tool, related to privilege management errors, allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the IOBit Advanced SystemCare optimization tool is related to privilege management errors. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...
CVE-2018-16711
IObit Advanced SystemCare, which includes Monitorwin10x64.sys or Monitorwin7x64.sys, 1.2.0.5 and possibly earlier versions allows a user to send an IOCTL 0x9C402088 with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for...
CVE-2018-16713
IObit Advanced SystemCare, which includes Monitorwin10x64.sys or Monitorwin7x64.sys, 1.2.0.5 and possibly earlier versions allows a user to send an IOCTL 0x9C402084 with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for...
CVE-2018-16712
IObit Advanced SystemCare, which includes Monitorwin10x64.sys or Monitorwin7x64.sys, 1.2.0.5 and possibly earlier versions allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory...
CVE-2018-16711
IObit Advanced SystemCare, which includes Monitorwin10x64.sys or Monitorwin7x64.sys, 1.2.0.5 and possibly earlier versions allows a user to send an IOCTL 0x9C402088 with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for...