Missing PE Signature Validation in MSI Center Affects MSI Products
CVE-2025-27813

8.1HIGH

Key Information:

Vendor: Msi
Status: Center
Vendor: CVE Published:; 10 April 2025

What is CVE-2025-27813?

A vulnerability has been identified in MSI Center prior to version 2.0.52.0, where missing validation for Portable Executable (PE) signatures could allow attackers to execute malicious code. This lack of security measure increases the risk of exploitation, potentially compromising affected systems. Users are advised to update to the latest version to mitigate this risk and ensure their systems remain secure.

Affected Version(s)

Center 0 < 2.0.52.0

References

https://csr.msi.com/global/product-security-advisories

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2025
Vulnerability Reserved
Mar 7, 2025

Msi

What is CVE-2025-27813?

Affected Version(s)

References

CVSS V3.1

Timeline