Msi

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-1460 1Msi 1Afterburner Oct 14, 2025 Mar 7, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity pro...Show more MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.Show less
CVE-2024-1443 1Msi 1Afterburner Oct 14, 2025 Mar 7, 2024 N/A· v4 4.4 MEDIUM· v3 N/A· v2 MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity proc...Show more MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.Show less
CVE-2021-32415 1Msi 1Wrapper Apr 22, 2025 Dec 13, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.
CVE-2022-31877 1Msi 1Center Apr 25, 2025 Nov 28, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.
CVE-2022-38532 1Msi 1Center Nov 21, 2024 Sep 19, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running...Show more Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable.Show less
CVE-2022-34110 1Msi 1Micro Star International Feature Navigator Nov 21, 2024 Sep 12, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size.
CVE-2022-34109 1Msi 1Micro Star International Feature Navigator Nov 21, 2024 Sep 12, 2022 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \PromoPhoto\, regardless of file type or size.
CVE-2022-34108 1Msi 1Micro Star International Feature Navigator Nov 21, 2024 Sep 12, 2022 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue in the Feature Navigator of Micro-Star International MSI Feature Nagivator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file.
CVE-2021-44903 1Msi 1Center Pro Nov 21, 2024 Feb 4, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, Wi...Show more Micro-Star International (MSI) Center Pro <= 2.0.16.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.Show less
CVE-2021-44901 1Msi 1Dragon Center Nov 21, 2024 Feb 4, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys...Show more Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.Show less
CVE-2021-44900 1Msi 1App Player Nov 21, 2024 Feb 4, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the NTIOLib_X64.sys and BstkDrv_msi2.sys drivers components. All the vulnerabilities a...Show more Micro-Star International (MSI) App Player <= 4.280.1.6309 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the NTIOLib_X64.sys and BstkDrv_msi2.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.Show less
CVE-2021-44899 1Msi 1Center Nov 21, 2024 Feb 4, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys...Show more Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.Show less
CVE-2021-29337 1Msi 1Dragon Center Nov 21, 2024 Jun 21, 2021 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapp...Show more MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.Show less
CVE-2021-27965 1Msi 1Dragon Center Nov 21, 2024 Mar 5, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.
CVE-2020-17382 1Msi 1Ambientlink Mslo64 Firmware Nov 21, 2024 Oct 2, 2020 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).
CVE-2020-13149 1Msi 1Dragon Center Nov 21, 2024 May 18, 2020 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain esca...Show more Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary within App.json. Another attack method is to use this part of %PROGRAMDATA% for mounting an RPC Control directory.Show less
CVE-2019-16098 1Msi 1Afterburner Nov 21, 2024 Sep 11, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escal...Show more The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.Show less