Privilege Escalation Vulnerability in MSI Center by MSI
CVE-2022-31877

8.8HIGH

Key Information:

Vendor: Msi
Status: Center
Vendor: CVE Published:; 28 November 2022

What is CVE-2022-31877?

A security flaw exists in the MSI.TerminalServer.exe component of MSI Center version 1.0.41.0 that allows attackers to escalate their privileges. This can be accomplished by sending specially crafted TCP packets, potentially enabling unauthorized access or control over the affected application. Users of MSI Center are advised to review their security posture and implement necessary patches to mitigate the risk of exploitation.

References

http://msi.com

https://patsch.dev/2022/07/08/cve-2022-31877-privilege-es...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 28, 2022
Vulnerability Reserved
May 31, 2022

Msi

What is CVE-2022-31877?

References

CVSS V3.1

Timeline