2 matches found
Directory traversal
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary...
CVE-2020-13149
Dragon Center (MSI) on MSI Gaming laptops is affected by CVE-2020-13149 due to weak ACLs on the %PROGRAMDATA%\MSI\Dragon Center folder in versions before 2.6.2003.2401. A local authenticated attacker can overwrite system files and escalate privileges, with attack approaches including replacing th...