SB2021070808 - Multiple vulnerabilities in IOBit Advanced SystemCare Ultimate



Published: July 8, 2021

Security Bulletin ID: SB2021070808
Severity: Low
Patch available: YES
Number of vulnerabilities: 8
Exploitation vector: Local access
Highest impact: Code execution

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 8 security vulnerabilities.


1) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21785)

The vulnerability allows a local user to disclose sensitive information.

The vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate. A local user can use a specially crafted I/O request packet (IRP) to gain access to sensitive information on the system.


2) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21792)

The vulnerability allows a local user to disclose sensitive information.

The vulnerability exists in the way the IOBit Advanced SystemCare Ultimate driver handles privileged I/O read requests within IN dword. A local user can use a specially crafted I/O request packet (IRP) to gain access to sensitive information on the system.


3) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21791)

The vulnerability allows a local user to disclose sensitive information.

The vulnerability exists in the way the IOBit Advanced SystemCare Ultimate driver handles privileged I/O read requests within IN word. A local user can use a specially crafted I/O request packet (IRP) to gain access to sensitive information on the system.


4) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21790)

The vulnerability allows a local user to disclose sensitive information.

The vulnerability exists in the way the IOBit Advanced SystemCare Ultimate driver handles privileged I/O read requests within IN byte. A local user can use a specially crafted I/O request packet (IRP) to gain access to sensitive information on the system.


5) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21789)

The vulnerability allows a local user to gain elevated privileges on the system.

The vulnerability exists in the way the IOBit Advanced SystemCare Ultimate driver handles privileged I/O write requests within OUT dword. A local user can use a specially crafted I/O request packet (IRP) to escalate privileges.


6) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21788)

The vulnerability allows a local user to gain elevated privileges on the system.

The vulnerability exists in the way the IOBit Advanced SystemCare Ultimate driver handles privileged I/O write requests within OUT word. A local user can use a specially crafted I/O request packet (IRP) to escalate privileges.


7) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21787)

The vulnerability allows a local user to gain elevated privileges on the system.

The vulnerability exists in the way the IOBit Advanced SystemCare Ultimate driver handles privileged I/O write requests within OUT byte. A local user can use a specially crafted I/O request packet (IRP) to escalate privileges.


8) Exposed IOCTL with Insufficient Access Control (CVE-ID: CVE-2021-21786)

The vulnerability allows a local user to gain elevated privileges on the system.

The vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate. A local user can use a specially crafted I/O request packet (IRP) to escalate privileges.


Remediation

Install the update from the vendor's website.