Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read four bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users.
CVSS Information
N/A
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Vulnerability Title
IOBit Advanced SystemCare 安全漏洞
Vulnerability Description
Iobit IOBit Advanced SystemCare是英国IOBit(Iobit)公司的一款系统管理实用程序。该程序主要用于扫描、修复和优化系统等。 IOBit Advanced SystemCare Ultimate 中存在安全漏洞,该漏洞源于产品对IO数据的读取未加限制,导致可驱动程序的上下文对IO请求包数据进行读取。攻击者可通过该漏洞获得内核信息。以下产品及版本受到影响:IOBit Advanced SystemCare Ultimate 14.2.0.220。
CVSS Information
N/A
Vulnerability Type
N/A