File Manipulation Vulnerability in MSI Feature Navigator by Micro-Star International
CVE-2022-34109

7.1HIGH

Key Information:

Vendor

Msi

Status
Micro-star International Feature Navigator
Vendor
CVE Published:
12 September 2022

What is CVE-2022-34109?

An issue in MSI Feature Navigator v1.0.1808.0901 allows attackers to manipulate the system by writing arbitrary files to the 'PromoPhoto' directory. This vulnerability poses a significant risk, as it can be exploited without restrictions on file type or size, potentially leading to unauthorized access and manipulation of sensitive information.

References

http://msi.com
x_refsource_MISC
http://micro-star.com
x_refsource_MISC
https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34...
x_refsource_MISC

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.