How severe is CVE-2021-21792?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2021-21792?

This is classified as CWE-782, which is a common weakness in software security.

CVE-2021-21792 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

An information disclosure vulnerability exists in the the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O read requests. A specially crafted I/O request packet (IRP) can lead to privileged reads in the context of a driver which can result in sensitive information disclosure from the kernel. The IN instruction can read four bytes from the given I/O device, potentially leaking sensitive device data to unprivileged users.

Related Vulnerabilities

CVE-2021-21785

MEDIUM

CVSS:6.5(Medium)

An information disclosure vulnerability exists in the IOCTL 0x9c40a148 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to a disclosure ...

CWE-7822021

CVE-2021-21790

MEDIUM

CVSS:6.5(Medium)

CWE-7822021

CVE-2021-21791

MEDIUM

CVSS:6.5(Medium)

CWE-7822021

CVE-2024-0141

MEDIUM

CVSS:6.8(Medium)

NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the GPU vBIOS that may allow a malicious actor with tenant level GPU access to write to an unsupported registry causing a bad state. A successfu...

CWE-7822024

CVE-2025-26125

HIGH

CVSS:7.3(High)

An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges.

CWE-7822025

CVE-2021-21551

HIGH

CVSS:7.8(High)

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user acce...

CWE-7822021