Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users.
CVSS Information
N/A
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Vulnerability Title
IOBit Advanced SystemCare 安全漏洞
Vulnerability Description
Iobit IOBit Advanced SystemCare是英国IOBit(Iobit)公司的一款系统管理实用程序。该程序主要用于扫描、修复和优化系统等。 IOBit Advanced SystemCare Ultimate存在安全漏洞,该漏洞源于IOBit Advanced SystemCare Ultimate 14.2.0.220版本的驱动程序处理特权 I/O 写入请求的方法中存在提权漏洞。本地攻击者可以发送恶意 IRP 来触发此漏洞。
CVSS Information
N/A
Vulnerability Type
N/A