Filtered by vendor Msi
Subscriptions
Total
17 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-12227 | 1 Msi | 1 Dragon Center | 2024-12-05 | 5.5 Medium |
A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. Upgrading to version 2.0.148.0 is able to address this issue. It is recommended to upgrade the affected component. | ||||
CVE-2022-38532 | 1 Msi | 1 Center | 2024-11-21 | 7.8 High |
Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable. | ||||
CVE-2022-34110 | 1 Msi | 1 Micro-star International Feature Navigator | 2024-11-21 | 5.5 Medium |
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size. | ||||
CVE-2022-34109 | 1 Msi | 1 Micro-star International Feature Navigator | 2024-11-21 | 7.1 High |
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \PromoPhoto\, regardless of file type or size. | ||||
CVE-2022-34108 | 1 Msi | 1 Micro-star International Feature Navigator | 2024-11-21 | 7.1 High |
An issue in the Feature Navigator of Micro-Star International MSI Feature Nagivator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file. | ||||
CVE-2022-31877 | 1 Msi | 1 Center | 2024-11-21 | 8.8 High |
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet. | ||||
CVE-2021-44903 | 1 Msi | 1 Center Pro | 2024-11-21 | 7.8 High |
Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests. | ||||
CVE-2021-44901 | 1 Msi | 1 Dragon Center | 2024-11-21 | 7.8 High |
Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests. | ||||
CVE-2021-44900 | 1 Msi | 1 App Player | 2024-11-21 | 7.8 High |
Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the NTIOLib_X64.sys and BstkDrv_msi2.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests. | ||||
CVE-2021-44899 | 1 Msi | 1 Center | 2024-11-21 | 7.8 High |
Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests. | ||||
CVE-2021-32415 | 1 Msi | 1 Wrapper | 2024-11-21 | 7.8 High |
EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates. | ||||
CVE-2021-29337 | 1 Msi | 1 Dragon Center | 2024-11-21 | 7.8 High |
MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory. | ||||
CVE-2021-27965 | 1 Msi | 1 Dragon Center | 2024-11-21 | 9.8 Critical |
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. | ||||
CVE-2020-17382 | 1 Msi | 2 Ambientlink Mslo64, Ambientlink Mslo64 Firmware | 2024-11-21 | 7.8 High |
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054). | ||||
CVE-2020-13149 | 1 Msi | 1 Dragon Center | 2024-11-21 | 7.8 High |
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary within App.json. Another attack method is to use this part of %PROGRAMDATA% for mounting an RPC Control directory. | ||||
CVE-2019-16098 | 1 Msi | 1 Afterburner | 2024-11-21 | 7.8 High |
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code. | ||||
CVE-2024-36877 | 1 Msi | 7 Am4, Am5, Intel 300 and 4 more | 2024-10-24 | 8.2 High |
Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI 0xE3. Motherboard's with the following chipsets are affected: Intel 300, Intel 400, Intel 500, Intel 600, Intel 700, AMD 300, AMD 400, AMD 500, AMD 600 and AMD 700. |
Page 1 of 1.