507 matches found
CVE-2021-21786
CVE-2021-21786 affects IOBit Advanced SystemCare Ultimate 14.2.0.220. The IOCTL 0x9c406144 handler processes untrusted input via IRP, calling HalGetBusDataByOffset with unconstrained data, allowing an unprivileged user to escalate privileges. TALOS-2021-1253 documents a local privilege-escalation...
CVE-2021-21786
A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability...
CVE-2021-21789
Summary: CVE-2021-21789 concerns a privilege-escalation vulnerability in IOBit Advanced SystemCare Ultimate 14.2.0.220’s driver. The issue arises in the driver’s handling of Privileged I/O write requests via IOCTL 0x9c40a0e0, where the first dword of the input buffer is the target device port and...
CVE-2021-21789
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via...
CVE-2021-21788
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via...
CVE-2021-21788
Summary: CVE-2021-21788 affects IOBit Advanced SystemCare Ultimate 14.2.0.220, where the driver mishandles Privileged I/O write requests. The vulnerability is triggered via IOCTL 0x9c40a0dc (and related IOCTLs in TALOS analysis), where the first dword of the input buffer selects the device port a...
CVE-2021-21787
The CVE-2021-21787 issue affects IOBit Advanced SystemCare Ultimate 14.2.0.220, involving the driver’s handling of privileged I/O write requests. In particular, IOCTL 0x9c40a0d8 reads the target device port from the input and uses OUT to write the value, enabling potential local privilege escalat...
CVE-2021-21787
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing the system, among other things. A security vulnerability exists in IOBit Advanced SystemCare Ultimate, which stems from an...
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c40a148 vulnerability
Summary An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerabilit...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing the system, among other things. A security vulnerability exists in IOBit Advanced SystemCare Ultimate, which stems from a...
IOBit Advanced SystemCare Ultimate Privileged I/O Read vulnerabilities
Summary An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet IRP can lead to privileged reads in the context of a driver which can result in sensitive...
Iobit IOBit Advanced SystemCare 访问控制错误漏洞
Advanced SystemCare Ultimate is a Windows optimization suite from Iobit that analyzes system performance bottlenecks. advanced SystemCare Ultimate version 14.2.0.220 contains an elevation of privilege vulnerability. An attacker can exploit the vulnerability by sending a malicious I/O request pack...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing your system, among other things. IOBit Advanced SystemCare Ultimate has a security vulnerability. A specially crafted I/O...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing the system, among other things. A security vulnerability exists in IOBit Advanced SystemCare Ultimate, which stems from a...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from the British company IOBit Iobit. The program is mainly used for scanning, repairing and optimizing the system, among other things. A security vulnerability exists in IOBit Advanced SystemCare Ultimate, which stems from th...
IOBit Advanced SystemCare Ultimate exposed IOCTL 0x9c406144 vulnerability
Summary A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet IRP can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. Tested Versions...
IOBit Advanced SystemCare 安全漏洞
Iobit IOBit Advanced SystemCare is a system management utility program from Iobit UK. The program is mainly used for scanning, repairing and optimizing the system, etc. requests is an elegant and simple HTTP library for humans from the Python Foundation. With requests, you can send HTTP / 1.1...
IOBit Advanced SystemCare ultimate privileged I/O write vulnerabilities
Summary A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. A specially crafted I/O request packet IRP can lead to privileged writes which can result in elevation of privileges of the current user. A...
CVE-2020-10234
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic aka BSOD follows. The IOCTL codes can be found in the dispatch function:...