CVE-2021-21789

Name of the Vulnerable Software and Affected Versions IOBit Advanced SystemCare Ultimate version 14.2.0.220

Description A privilege escalation issue exists in the way the driver handles Privileged I/O write requests. During the IOCTL 0x9c40a0e0 operation, the first dword passed in the input buffer specifies the device port to write to, and the dword at offset 4 is the value to write via the OUT instruction. A local attacker can send a malicious IRP to trigger this issue.

Recommendations For IOBit Advanced SystemCare Ultimate version 14.2.0.220, consider disabling the vulnerable driver until a patch is available to prevent exploitation. Restrict access to the IOCTL 0x9c40a0e0 operation to minimize the risk of privilege escalation. Avoid using the device port and value write functionality via the OUT instruction in the affected driver until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.