Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Msi Subscribe
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32415 1 Msi 1 Wrapper 2022-12-15 N/A 7.8 HIGH
EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.
CVE-2022-31877 1 Msi 1 Center 2022-11-29 N/A 8.8 HIGH
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.
CVE-2022-38532 1 Msi 1 Center 2022-09-22 N/A 7.8 HIGH
Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable.
CVE-2022-34108 1 Msi 1 Micro-star International Feature Navigator 2022-09-14 N/A 7.1 HIGH
An issue in the Feature Navigator of Micro-Star International MSI Feature Nagivator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file.
CVE-2022-34110 1 Msi 1 Micro-star International Feature Navigator 2022-09-14 N/A 5.5 MEDIUM
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size.
CVE-2022-34109 1 Msi 1 Micro-star International Feature Navigator 2022-09-14 N/A 7.1 HIGH
An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \PromoPhoto\, regardless of file type or size.
CVE-2021-44901 1 Msi 1 Dragon Center 2022-07-12 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-44900 1 Msi 1 App Player 2022-07-12 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the NTIOLib_X64.sys and BstkDrv_msi2.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-29337 1 Msi 1 Dragon Center 2022-07-12 7.2 HIGH 7.8 HIGH
MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.
CVE-2021-44899 1 Msi 1 Center 2022-07-12 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2021-44903 1 Msi 1 Center Pro 2022-07-12 4.6 MEDIUM 7.8 HIGH
Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.
CVE-2019-16098 1 Msi 1 Afterburner 2021-07-21 7.2 HIGH 7.8 HIGH
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.
CVE-2021-27965 1 Msi 1 Dragon Center 2021-03-16 7.5 HIGH 9.8 CRITICAL
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.
CVE-2020-17382 1 Msi 2 Ambientlink Mslo64, Ambientlink Mslo64 Firmware 2020-10-09 7.2 HIGH 7.8 HIGH
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).
CVE-2020-13149 1 Msi 1 Dragon Center 2020-05-20 4.6 MEDIUM 7.8 HIGH
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary within App.json. Another attack method is to use this part of %PROGRAMDATA% for mounting an RPC Control directory.