CVE-2021-21788

Name of the Vulnerable Software and Affected Versions IOBit Advanced SystemCare Ultimate version 14.2.0.220

Description A privilege escalation issue exists due to the way the driver handles Privileged I/O write requests. Specifically, during the IOCTL 0x9c40a0dc operation, the first dword in the input buffer specifies the device port to write to, and the word at offset 4 is the value to write via the OUT instruction. This allows writing one byte to the given I/O device port, potentially leading to escalated privileges for unprivileged users. A local attacker can exploit this by sending a malicious IRP.

Recommendations For IOBit Advanced SystemCare Ultimate version 14.2.0.220, consider restricting access to the IOCTL 0x9c40a0dc operation until a patch is available. As a temporary workaround, disabling the driver's handling of Privileged I/O write requests may mitigate the risk of exploitation.