Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-57851— MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

CVSS 7.8 · High EPSS 0.17% · P7

Affected Version Matrix 1

VendorProductVersion RangeStatus
Micro-Star International (MSI)KernCoreLib64.sys≤ 1.0.2605.1301affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-57851

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers
Source: NVD (National Vulnerability Database)
Vulnerability Description
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
无充分访问控制条件下暴露IOCTL
Source: NVD (National Vulnerability Database)
Vulnerability Title
Micro-Star International Feature Navigator 权限许可和访问控制问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Micro-Star International Feature Navigator是Micro-Star International公司的一款直观易用的工具,旨在通过简便的管理和优化,帮助用户最大限度地提高 MSI 组件的性能。 Micro-Star International Feature Navigator存在权限许可和访问控制问题漏洞,该漏洞源于KernCoreLib64.sys内核驱动程序暴露IOCTL句柄且无需管理员权限,允许任意本地登录用户进行物理内存读写和不受限制的I/O端口操作,导致权
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Micro-Star International (MSI)KernCoreLib64.sys 0 ~ 1.0.2605.1301 -

II. Public POCs for CVE-2026-57851

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium
Qwen3.6-35B-A3B · 10384 chars
Pro+ exclusive includes:
Vulnerability reproduction recording (real sandbox build + trigger, exclusive)
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month

III. Intelligence Information for CVE-2026-57851

登录查看更多情报信息。

Vendor Advisories for CVE-2026-57851 (1)

Proof of Concept for CVE-2026-57851 (1)

IV. Related Vulnerabilities

V. Comments for CVE-2026-57851

No comments yet


Leave a comment