CVEbaza.plCWE DictionaryCWE-782
Common Weakness Enumeration

CWE-782

Exposed IOCTL with Insufficient Access Control

Category: VariantCVE: 33
Description

The product implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL.

CVE vulnerabilities with CWE-782 (33)
10.0
CVSS
CRITICAL
CVE-2024-39251

An issue in the component ControlCenter.sys/ControlCenter64.sys of ThundeRobot Control Center v2.0.0.10 allows attackers to access sensitive information, execute arbitrary code, or escalate privileges via sending crafted IOCTL requests.

pub. 2024-07-01
10.0
CVSS
CRITICAL
CVE-2024-4196

An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1.

pub. 2024-06-25
9.8
CVSS
CRITICAL
CVE-2024-32370

An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component.

pub. 2024-05-07
9.8
CVSS
CRITICAL
CVE-2024-30804

An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests.

pub. 2024-04-26
8.8
CVSS
HIGH
CVE-2024-33220

An issue in the component AslO3_64.sys of ASUSTeK Computer Inc AISuite3 v3.03.36 3.03.36 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

pub. 2024-05-22
8.8
CVSS
HIGH
CVE-2021-21787

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0d8, the first dword passed in the input buffer is the device port to write to and the byte at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users.

pub. 2021-07-07
8.8
CVSS
HIGH
CVE-2021-21788

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0dc, the first dword passed in the input buffer is the device port to write to and the word at offset 4 is the value to write via the OUT instruction. The OUT instruction can write one byte to the given I/O device port, potentially leading to escalated privileges of unprivileged users. A local attacker can send a malicious IRP to trigger this vulnerability.

pub. 2021-07-07
8.8
CVSS
HIGH
CVE-2021-21789

A privilege escalation vulnerability exists in the way IOBit Advanced SystemCare Ultimate 14.2.0.220 driver handles Privileged I/O write requests. During IOCTL 0x9c40a0e0, the first dword passed in the input buffer is the device port to write to and the dword at offset 4 is the value to write via the OUT instruction. A local attacker can send a malicious IRP to trigger this vulnerability.

pub. 2021-07-07
8.8
CVSS
HIGH
CVE-2021-21551

Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

pub. 2021-05-04🚩 CISA KEV⚡ EXPLOIT
8.7
CVSS
HIGH
CVE-2025-7771

ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.

pub. 2025-08-06
8.5
CVSS
HIGH
CVE-2026-8797

An access control deficiency vulnerability exists in ExpressUpdate Agent for Windows. If a malicious user gains access to the product, arbitrary code could be executed with SYSTEM privileges.

pub. 2026-06-26
8.4
CVSS
HIGH
CVE-2024-33222

An issue in the component ATSZIO64.sys of ASUSTeK Computer Inc ASUS ATSZIO Driver v0.2.1.7 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

pub. 2024-05-22
7.8
CVSS
HIGH
CVE-2026-8501

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit this vulnerability to perform sensitive and privileged operations on the target system.

pub. 2026-06-01
7.8
CVSS
HIGH
CVE-2025-47761

An Exposed IOCTL with Insufficient Access Control vulnerability [CWE-782] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.9 may allow an authenticated local user to execute unauthorized code via fortips driver. Success of the attack would require bypassing the Windows memory protections such as Heap integrity and HSP. In addition, it requires a valid and running VPN IPSec connection.

pub. 2025-11-18
7.8
CVSS
HIGH
CVE-2024-33218

An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

pub. 2024-05-22
7.8
CVSS
HIGH
CVE-2024-33219

An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

pub. 2024-05-22
7.8
CVSS
HIGH
CVE-2024-33221

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.

pub. 2024-05-22
7.8
CVSS
HIGH
CVE-2023-35841

Exposed IOCTL with Insufficient Access Control in Phoenix WinFlash Driver on Windows allows Privilege Escalation which allows for modification of system firmware.This issue affects WinFlash Driver: before 4.5.0.0.

pub. 2024-05-14
7.8
CVSS
HIGH
CVE-2021-25695

The USB vHub in the Teradici PCOIP Software Agent prior to version 21.07.0 would accept commands from any program, which may allow an attacker to elevate privileges by changing the flow of program execution within the vHub driver.

pub. 2021-07-21
7.8
CVSS
HIGH
CVE-2021-21786

A privilege escalation vulnerability exists in the IOCTL 0x9c406144 handling of IOBit Advanced SystemCare Ultimate 14.2.0.220. A specially crafted I/O request packet (IRP) can lead to increased privileges. An attacker can send a malicious IRP to trigger this vulnerability.

pub. 2021-07-07
Showing 20 of 33 vulnerabilities
Information
ID: CWE-782
Type: Variant
Vulnerabilities: 33
MITRE CWE ↗
← CWE Dictionary
CWE-782 — Exposed IOCTL with Insufficient Access Control | CWE Dictionary | CVEbaza.pl