Insecure Permissions Vulnerability in MSI Center Pro by Micro-star International
CVE-2024-50804

Currently unrated

Key Information:

Vendor: Micro-star International
Status: MSI Center Pro
Vendor: CVE Published:; 18 November 2024

🔔 Create Micro-star International Vulnerability Alert

What is CVE-2024-50804?

The MSI Center Pro 2.1.37.0 by Micro-star International contains an Insecure Permissions vulnerability that allows local attackers to execute arbitrary code. This is achieved by targeting the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data directory. By exploiting this weakness, unauthorized users could manipulate file permissions, compromising system integrity and enabling malicious activities.

References

https://g3tsyst3m.github.io/cve/msi/Arbitrary-Write-Privi...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 18, 2024