CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3745 – MSI Afterburner v4.6.6.16381 Beta 3 - ACL Bypass
https://notcve.org/view.php?id=CVE-2024-3745
18 May 2024 — MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged user. MSI Afterburner v4.6.6.16381 Beta 3 es vulnerable a una vulnerabilidad de derivación de ACL en el controlador RTCore64.sys, lo que provoca la activación de vulnerabilidades como CVE-2024-1443 y CVE-2024-1460 por parte de un usuario con pocos privilegios. • https://fluidattacks.com/advisories/gershwin • CWE-863: Incorrect Authorization •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1460 – MSI Afterburner v4.6.5.16370 - Kernel Memory Leak
https://notcve.org/view.php?id=CVE-2024-1460
07 Mar 2024 — MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. MSI Afterburner v4.6.5.16370 afectado por una vulnerabilidad de pérdida de memoria del kernel al activar el código IOCTL 0x80002040 del controlador RTCore64.sys. El manejo del conductor sólo se puede obtener mediante un proceso de alta integridad. MSI Afterburner v4.6.5.16370 is vulner... • https://fluidattacks.com/advisories/mingus • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1443 – MSI Afterburner v4.6.5.16370 - Denial of Service
https://notcve.org/view.php?id=CVE-2024-1443
07 Mar 2024 — MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. MSI Afterburner v4.6.5.16370 afectado por una vulnerabilidad de denegación de servicio al activar el código IOCTL 0x80002000 del controlador RTCore64.sys. El manejo del conductor sólo se puede obtener mediante un proceso de alta integridad. MSI Afterburner v4.6.5.16370 is vulnerable to ... • https://fluidattacks.com/advisories/coltrane • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 80%CPEs: 1EXPL: 3CVE-2019-16098
https://notcve.org/view.php?id=CVE-2019-16098
11 Sep 2019 — The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. El controlador en Micro-Star MSI Afterburner versión 4.6.2.15658 (también se conoce como RTCore64.sys y RTCor... • https://github.com/Barakat/CVE-2019-16098 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •