9 results (0.003 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. Upgrading to version 2.0.148.0 is able to address this issue. • https://shareforall.notion.site/MSI-Dragon-Center-NTIOLib_X64-0xC3506104-MmMapIoSpace-DOS-15160437bb1e801daf58d4aea052970e https://vuldb.com/?ctiid.286959 https://vuldb.com/?id.286959 https://vuldb.com/?submit.456017 https://www.msi.com/Landing/dragon-center-download/nb • CWE-404: Improper Resource Shutdown or Release CWE-476: NULL Pointer Dereference •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet. Un problema en el componente MSI.TerminalServer.exe de MSI Center v1.0.41.0 permite a los atacantes escalar privilegios a través de un paquete TCP manipulado. • http://msi.com https://patsch.dev/2022/07/08/cve-2022-31877-privilege-escalation-in-msi-centers-msi-terminalserver-exe • CWE-345: Insufficient Verification of Data Authenticity •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1

Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable. Se ha detectado que MSI Center versión 1.0.50.0 de Micro-Star International Co., Ltd, contiene una vulnerabilidad en el componente C_Features del archivo MSI.CentralServer.exe. Esta vulnerabilidad permite a atacantes escalar privilegios por medio del funcionamiento de un ejecutable diseñado • https://github.com/nam3lum/msi-central_privesc •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests. Micro-Star International (MSI) Center Pro versiones anteriores a 2.0.16.0 incluyéndola, es vulnerable a múltiples vulnerabilidades de escalada de privilegios (LPE/EoP) en los componentes de los controladores atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys. Todas las vulnerabilidades son desencadenadas mediante el envío de peticiones IOCTL específicas • https://voidsec.com https://voidsec.com/advisories/cve-2021-44903 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests. Micro-Star International (MSI) Dragon Center versiones anteriores a 2.0.116.0 incluyéndola, es vulnerable a múltiples vulnerabilidades de escalada de privilegios (LPE/EoP) en los componentes de los controladores atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys. Todas las vulnerabilidades son desencadenadas mediante el envío de peticiones IOCTL específicas • https://voidsec.com https://voidsec.com/advisories/cve-2021-44901 •