CVE-2024-1443
MSI Afterburner v4.6.5.16370 - Denial of Service
Severity Score
4.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.
MSI Afterburner v4.6.5.16370 afectado por una vulnerabilidad de denegación de servicio al activar el código IOCTL 0x80002000 del controlador RTCore64.sys. El manejo del conductor sólo se puede obtener mediante un proceso de alta integridad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-02-12 CVE Reserved
- 2024-03-07 CVE Published
- 2024-03-07 EPSS Updated
- 2024-08-01 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
- CAPEC-129: Pointer Manipulation
References (2)
| URL | Tag | Source |
|---|---|---|
| https://fluidattacks.com/advisories/coltrane | Third Party Advisory | |
| https://www.msi.com/Landing/afterburner/graphics-cards | Product |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| MSI Search vendor "MSI" | MSI Afterburner Search vendor "MSI" for product "MSI Afterburner" | 4.6.5.16370 Search vendor "MSI" for product "MSI Afterburner" and version "4.6.5.16370" | en |
Affected
| ||||||