Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read two bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users.
CVSS Information
N/A
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Vulnerability Title
IOBit Advanced SystemCare 安全漏洞
Vulnerability Description
Iobit IOBit Advanced SystemCare是英国IOBit(Iobit)公司的一款系统管理实用程序。该程序主要用于扫描、修复和优化系统等。 IOBit Advanced SystemCare Ultimate 存在安全漏洞,该漏洞源于该产品14.2.0.220版本的驱动处理特权IO读请求的方式存在信息泄露漏洞,一个特殊设计的IO请求包(IRP)可以在驱动程序的上下文中导致特权读取,这可能导致内核泄露敏感信息。攻击者可利用该漏洞可以制造一个恶意IRP来触发这个漏洞。
CVSS Information
N/A
Vulnerability Type
N/A