Vulnerability found in MSI Dragon Center, version up to 2.0.146.0
CVE-2024-12227

5.5MEDIUM

Key Information:

Vendor

Msi

Status
Dragon Center
Vendor
CVE Published:
5 December 2024

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2024-12227?

A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. Upgrading to version 2.0.148.0 is able to address this issue. It is recommended to upgrade the affected component.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dragon Center 2.0.146

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

POC-CVE-2024-12227
Created by HI0U

References

https://vuldb.com/?id.286959
vdb-entrytechnical-description
https://vuldb.com/?ctiid.286959
signaturepermissions-required
https://vuldb.com/?submit.456017
third-party-advisory

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

TopGun (VulDB User)
JSON
.