Vulnerabilities > CVE-2021-32415 - Unspecified vulnerability in MSI Wrapper

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

msi

NVD

Published: 2022-12-13

Updated: 2023-08-08

Summary

EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates.

Vulnerable Configurations

Part	Description	Count
Application	Msi MSI Wrapper 6.0.91 MSI Wrapper 6.0.92 MSI Wrapper 6.0.96 MSI Wrapper 7.0.8 MSI Wrapper 7.1.9 MSI Wrapper 7.1.11 MSI Wrapper 7.1.12 MSI Wrapper 8.0.20 MSI Wrapper 8.0.21 MSI Wrapper 8.0.24 MSI Wrapper 8.0.25 MSI Wrapper 8.0.26 MSI Wrapper 9.0.30 MSI Wrapper 9.0.34 MSI Wrapper 9.0.35 MSI Wrapper 9.0.42	16

References

http://exemsi.com
https://improsec.com/tech-blog/privilege-escalation-vulnerability-in-ninjarmm
http://msi.com