CVE-2026-37454
CVE-2026-37454 concerns MSI Centre’s MSI NBFoundation Service (MSIAPService.exe) where a 3DES-ECB cipher and a publicly accessible named pipe expose insecure permissions. The vulnerability surface includes the REG command group (read/write/delete HKLM/HKCU keys, enabling persistence and service h...