MSI Afterburner Vulnerable to Kernel Memory Leak Vulnerability
CVE-2024-1460

5.6MEDIUM

Key Information:

Vendor: Msi
Status: Msi Afterburner
Vendor: CVE Published:; 7 March 2024

What is CVE-2024-1460?

MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.

Affected Version(s)

MSI Afterburner Windows 4.6.5.16370

References

https://fluidattacks.com/advisories/mingus/

third-party-advisory

https://www.msi.com/Landing/afterburner/graphics-cards

product

CVSS V3.1

Score:

5.6

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2024
Vulnerability Reserved
Feb 12, 2024

Msi

What is CVE-2024-1460?

Affected Version(s)

References

CVSS V3.1

Timeline