ACL Bypass Vulnerability in RTCore64.sys Driver Affects MSI Afterburner v4.6.6.16381 Beta 3
CVE-2024-3745

7.8HIGH

Key Information:

Vendor

Msi

Status
Msi Afterburner
Vendor
CVE Published:
18 May 2024

What is CVE-2024-3745?

MSI Afterburner v4.6.6.16381 Beta 3 contains an ACL Bypass vulnerability within its RTCore64.sys driver that can be exploited by low-privileged users. This flaw allows attackers to trigger other vulnerabilities such as CVE-2024-1443 and CVE-2024-1460, potentially leading to broader access and control over affected systems. Users are advised to review patches and mitigations to protect their systems from possible exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MSI Afterburner Windows 4.6.6.16381 Beta 3

References

https://fluidattacks.com/advisories/gershwin/
third-party-advisory
https://forums.guru3d.com/threads/msi-ab-rtss-development...
patch
https://forums.guru3d.com/threads/msi-ab-rtss-development...
release-notes

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.