Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers
Vulnerability Description
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Vulnerability Title
Micro-Star International Feature Navigator 权限许可和访问控制问题漏洞
Vulnerability Description
Micro-Star International Feature Navigator是Micro-Star International公司的一款直观易用的工具,旨在通过简便的管理和优化,帮助用户最大限度地提高 MSI 组件的性能。 Micro-Star International Feature Navigator存在权限许可和访问控制问题漏洞,该漏洞源于KernCoreLib64.sys内核驱动程序暴露IOCTL句柄且无需管理员权限,允许任意本地登录用户进行物理内存读写和不受限制的I/O端口操作,导致权
CVSS Information
N/A
Vulnerability Type
N/A