Lucene search

[email protected]NVD:CVE-2021-44899

HistoryFeb 04, 2022 - 11:15 a.m.

CVE-2021-44899

2022-02-0411:15:09

[email protected]

web.nvd.nist.gov

msi center

privilege escalation

vulnerabilities

atidgllk

atillk64

modapi

ntiolib

winring0

ioctl requests

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.8%

JSON

Micro-Star International (MSI) Center <= 1.0.31.0 is vulnerable to multiple Privilege Escalation vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the vulnerabilities are triggered by sending specific IOCTL requests.

Affected configurations

Nvd

Node

msicenterRange≤1.0.31.0

VendorProductVersionCPE
msicenter*cpe:2.3:a:msi:center:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
msi	center	*	cpe:2.3:a:msi:center::::::::

References

voidsec.com

voidsec.com/advisories/cve-2021-44899/

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

17.8%

JSON

Related for NVD:CVE-2021-44899

cve1 prion1 cvelist1