Vulnerabilities (CVE)

Filtered by vendor Msi Subscribe
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-38532 1 Msi 1 Center 2024-11-21 N/A 7.8 HIGH
Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable.
CVE-2022-34110 1 Msi 1 Micro-star International Feature Navigator 2024-11-21 N/A 5.5 MEDIUM
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size.
CVE-2022-34109 1 Msi 1 Micro-star International Feature Navigator 2024-11-21 N/A 7.1 HIGH
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \PromoPhoto\, regardless of file type or size.
CVE-2022-34108 1 Msi 1 Micro-star International Feature Navigator 2024-11-21 N/A 7.1 HIGH
An issue in the Feature Navigator of Micro-Star International MSI Feature Nagivator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file.
CVE-2022-31877 1 Msi 1 Center 2024-11-21 N/A 8.8 HIGH
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.
CVE-2021-44903 1 Msi 1 Center Pro 2024-11-21 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-44901 1 Msi 1 Dragon Center 2024-11-21 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-44900 1 Msi 1 App Player 2024-11-21 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the NTIOLib_X64.sys and BstkDrv_msi2.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-44899 1 Msi 1 Center 2024-11-21 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-32415 1 Msi 1 Wrapper 2024-11-21 N/A 7.8 HIGH
EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.
CVE-2021-29337 1 Msi 1 Dragon Center 2024-11-21 7.2 HIGH 7.8 HIGH
MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.
CVE-2021-27965 1 Msi 1 Dragon Center 2024-11-21 7.5 HIGH 9.8 CRITICAL
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.
CVE-2020-17382 1 Msi 2 Ambientlink Mslo64, Ambientlink Mslo64 Firmware 2024-11-21 7.2 HIGH 7.8 HIGH
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).
CVE-2020-13149 1 Msi 1 Dragon Center 2024-11-21 4.6 MEDIUM 7.8 HIGH
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary within App.json. Another attack method is to use this part of %PROGRAMDATA% for mounting an RPC Control directory.
CVE-2019-16098 1 Msi 1 Afterburner 2024-11-21 7.2 HIGH 7.8 HIGH
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.