Risk | Low |
Patch available | YES |
Number of vulnerabilities | 8 |
CVE-ID | CVE-2021-21785 CVE-2021-21792 CVE-2021-21791 CVE-2021-21790 CVE-2021-21789 CVE-2021-21788 CVE-2021-21787 CVE-2021-21786 |
CWE-ID | CWE-782 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | Advanced SystemCare Ultimate (Client/Desktop applications / Antivirus software/Personal firewalls) |
Vendor | IObit |
Security Bulletin
This security bulletin contains information about 8 vulnerabilities.
EUVDB-ID: #VU54598
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21785
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists in the handling of IOCTL 0x9c40a148 in IObit Advanced SystemCare Ultimate. A local user can send a specially crafted I/O request packet (IRP) and gain access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1252
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54605
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21792
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists in the way the IObit Advanced SystemCare Ultimate driver handles privileged I/O read requests within IN dword. A local user can send a specially crafted I/O request packet (IRP) and gain access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1255
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54604
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21791
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists in the way the IObit Advanced SystemCare Ultimate driver handles privileged I/O read requests within IN word. A local user can send a specially crafted I/O request packet (IRP) and gain access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1255
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54603
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21790
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists in the way the IObit Advanced SystemCare Ultimate driver handles privileged I/O read requests within IN byte. A local user can send a specially crafted I/O request packet (IRP) and gain access to sensitive information on the system.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1255
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54602
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21789
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to gain elevated privileges on the system.
The vulnerability exists in the way the IObit Advanced SystemCare Ultimate driver handles privileged I/O write requests within OUT dword. A local user can send a specially crafted I/O request packet (IRP) and escalate privileges.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://talosintelligence.com/vulnerability_reports/TALOS-2021-1254
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54601
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21788
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to gain elevated privileges on the system.
The vulnerability exists in the way the IObit Advanced SystemCare Ultimate driver handles privileged I/O write requests within OUT word. A local user can send a specially crafted I/O request packet (IRP) and escalate privileges.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://talosintelligence.com/vulnerability_reports/TALOS-2021-1254
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54600
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21787
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to gain elevated privileges on the system.
The vulnerability exists in the way the IObit Advanced SystemCare Ultimate driver handles privileged I/O write requests within OUT byte. A local user can send a specially crafted I/O request packet (IRP) and escalate privileges.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://talosintelligence.com/vulnerability_reports/TALOS-2021-1254
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU54599
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-21786
CWE-ID: CWE-782 - Exposed IOCTL with Insufficient Access Control
Exploit availability: No
Description: The vulnerability allows a local user to gain elevated privileges on the system.
The vulnerability exists in the handling of IOCTL 0x9c406144 in IObit Advanced SystemCare Ultimate. A local user can send a specially crafted I/O request packet (IRP) and escalate privileges.
Mitigation: Install updates from vendor's website.
Vulnerable software versions: Advanced SystemCare Ultimate: 14.2.0.220
External links: http://talosintelligence.com/vulnerability_reports/TALOS-2021-1253
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.