Vulnerabilities > CVE-2021-44901 - Unspecified vulnerability in MSI Dragon Center

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

msi

NVD

Published: 2022-02-04

Updated: 2022-07-12

Summary

Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.

Vulnerable Configurations

Part	Description	Count
Application	Msi MSI Dragon Center - MSI Dragon Center 1.0.1604.101 MSI Dragon Center 1.1.1606.2401 MSI Dragon Center 1.2.1608.401 MSI Dragon Center 1.2.1609.602 MSI Dragon Center 1.2.1610.1801 MSI Dragon Center 1.2.1610.2701 MSI Dragon Center 1.2.1611.901 MSI Dragon Center 1.2.1611.1101 MSI Dragon Center 1.2.1611.1901 MSI Dragon Center 1.2.1701.1101 MSI Dragon Center 1.2.1703.2001 MSI Dragon Center 1.2.1704.1701 MSI Dragon Center 1.2.1705.1801 MSI Dragon Center 1.2.1705.3101 MSI Dragon Center 1.2.1706.1501 MSI Dragon Center 1.2.1707.501 MSI Dragon Center 1.2.1707.2501 MSI Dragon Center 1.2.1708.2201 MSI Dragon Center 1.2.1709.1101 MSI Dragon Center 1.2.1710.1301 MSI Dragon Center 1.2.1711.2101 MSI Dragon Center 1.2.1801.2401 MSI Dragon Center 1.2.1802.501 MSI Dragon Center 1.2.1804.1201 MSI Dragon Center 2.0.104.0 MSI Dragon Center 2.0.116.0	27

Summary

Vulnerable Configurations

References