CVE-2024-50804
Description
MSI Center Pro 2.1.37.0 has an insecure permissions vulnerability allowing local attackers to escalate privileges via arbitrary file write using a symlink attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability Overview
The vulnerability resides in MSI Center Pro version 2.1.37.0, where the file Device_DeviceID.dat.bak located in C:\ProgramData\MSI\One Dragon Center\Data is writable by standard users. The application writes to this file without verifying the target, enabling a local attacker to create a symbolic link (symlink) or junction pointing to a privileged system location [1].
Exploitation
A low-privileged user can monitor file operations with tools like Process Monitor and identify the write pattern. By placing a symlink from the vulnerable file to a critical system file (e.g., a DLL in C:\Windows\System32), the next write operation by MSI Center Pro overwrites the target. No authentication beyond local user access is required [1].
Impact
Successful exploitation allows arbitrary file write in the context of the SYSTEM account, leading to arbitrary code execution and full privilege escalation. The attacker gains complete control over the affected system [1].
Mitigation
MSI has released version 2.1.41.0 of MSI Center Pro on the Microsoft Store, which fixes the vulnerability. Users are advised to update immediately. The vendor has acknowledged the issue and credited the researcher [1].
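To check a host for the condition described in the overview, the following added example (not code from MSI, the researcher, or this page's sources) audits the data directory for ACL entries that grant write access to standard-user principals and for reparse points. It is read-only; the function name `Get-RiskyEntry` is hypothetical and the default path is the one quoted in the overview.

```powershell
param(
    # Directory named in the overview; override if the product is installed elsewhere.
    [string]$DataDir = 'C:\ProgramData\MSI\One Dragon Center\Data'
)

# Well-known SIDs: Everyone, Authenticated Users, INTERACTIVE, BUILTIN\Users.
$lowPrivSids = 'S-1-1-0', 'S-1-5-11', 'S-1-5-4', 'S-1-5-32-545'

# Rights that allow creating, replacing or re-permissioning a file.
# ACEs expressed only as generic rights (GENERIC_WRITE etc.) are not decoded here.
$writeMask = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'

function Get-RiskyEntry {
    param([System.IO.FileSystemInfo]$Item)

    $acl   = Get-Acl -LiteralPath $Item.FullName
    # Resolve identities to SIDs so the check does not depend on the OS language.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    $writable = foreach ($r in $rules) {
        if ($r.AccessControlType -eq 'Allow' -and
            $lowPrivSids -contains $r.IdentityReference.Value -and
            ($r.FileSystemRights -band $writeMask)) { $r }
    }
    $isLink = [bool]($Item.Attributes -band [System.IO.FileAttributes]::ReparsePoint)

    if ($writable -or $isLink) {
        [pscustomobject]@{
            Path         = $Item.FullName
            ReparsePoint = $isLink
            LinkType     = $Item.LinkType   # SymbolicLink / Junction when set
            Target       = $Item.Target
            WritableBy   = ($writable | ForEach-Object {
                               "$($_.IdentityReference.Value): $($_.FileSystemRights)" }) -join '; '
        }
    }
}

if (-not (Test-Path -LiteralPath $DataDir)) {
    Write-Output "Not present: $DataDir"
    return
}

# Check the directory itself (junctions apply to directories) and everything in it.
$items = @(Get-Item -LiteralPath $DataDir -Force) + @(Get-ChildItem -LiteralPath $DataDir -Force)
$items | ForEach-Object { Get-RiskyEntry $_ } | Format-List
```

Any row with `ReparsePoint` set to `True` inside this directory warrants investigation, since the application's own data files are not expected to be links.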
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: <= 2.1.37.0
Patches
No patches discovered yet.