IOBit Advanced SystemCare Ultimate 14.2.0.220
Approved changes feed: RSS · Atom
cpe:2.3:a:iobit:advanced_systemcare_ultimate:14.2.0.220:*:*:*:*:*:*:*
part: a version: 14.2.0.220 update: *
| Vendor | Iobit (df7a41dc-88fd-585d-b3ce-20ab47097314) |
|---|---|
| Product | Advanced Systemcare Ultimate (621eed49-c94a-5fb9-98fb-830ca0edd6fc) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-21792 |
vulnerable | 2026-06-03 14:43:46.009553 |
Details available
MEDIUM (6.5)
An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read four bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users.
Published: 2021-08-05T20:05:08.000Z
Updated: 2024-08-03T18:23:29.430Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21791 |
vulnerable | 2026-06-03 14:43:46.009234 |
Details available
MEDIUM (6.5)
An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read two bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users.
Published: 2021-08-05T20:05:04.000Z
Updated: 2024-08-03T18:23:29.417Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21790 |
vulnerable | 2026-06-03 14:43:46.008931 |
Details available
MEDIUM (6.5)
An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read two bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users.
Published: 2021-08-05T20:04:59.000Z
Updated: 2024-08-03T18:23:29.411Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21789 |
vulnerable | 2026-06-03 14:43:46.008640 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via the OUT instruction. A local attacker can send a malicious IRP to trigger this vulnerability.
Published: 2021-07-07T16:40:02.000Z
Updated: 2024-08-03T18:23:29.383Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21788 |
vulnerable | 2026-06-03 14:43:46.008342 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users. A local attacker can send a malicious IRP to trigger this vulnerability.
Published: 2021-07-07T16:39:51.000Z
Updated: 2024-08-03T18:23:29.463Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21787 |
vulnerable | 2026-06-03 14:43:46.008021 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users.
Published: 2021-07-07T16:39:44.000Z
Updated: 2024-08-03T18:23:29.434Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21786 |
vulnerable | 2026-06-03 14:43:46.007691 |
Details available
HIGH (8.8)
A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability.
Published: 2021-07-07T16:49:38.000Z
Updated: 2024-08-03T18:23:29.529Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-21785 |
vulnerable | 2026-06-03 14:43:46.007254 |
Details available
MEDIUM (6.5)
An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to a disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.
Published: 2021-08-05T20:06:11.000Z
Updated: 2024-08-03T18:23:29.488Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-20055 |
vulnerable | 2026-06-03 14:35:36.342984 |
IObit Advanced SystemCare 10.0.2 Unquoted Service Path Privilege Escalation
HIGH (7.8)
IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges.
Published: 2026-04-04T13:50:59.001Z
Updated: 2026-04-06T15:42:28.084Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.