Arbitrary File Download Vulnerability in MSI Feature Navigator
CVE-2022-34110

5.5MEDIUM

Key Information:

Vendor

Msi

Status
Micro-star International Feature Navigator
Vendor
CVE Published:
12 September 2022

What is CVE-2022-34110?

An arbitrary file download vulnerability exists in Micro-Star International's MSI Feature Navigator version 1.0.1808.0901. This flaw allows attackers to exploit the software by downloading files without restrictions on their type or size. Such a vulnerability can lead to unauthorized access to sensitive information stored on the system, putting users at risk. It is crucial to review and update the affected software to mitigate potential security threats.

References

http://msi.com
x_refsource_MISC
http://micro-star.com
x_refsource_MISC
https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.