VYPR
Vendor

MSI

Products
13
CVEs
17
Across products
19
Status
Private

Products

13

Recent CVEs

17
  • CVE-2021-27965CriMar 5, 2021
    risk 0.65cvss 9.8epss 0.12

    The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.

  • CVE-2022-31877HigNov 28, 2022
    risk 0.57cvss 8.8epss 0.00

    An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.

  • CVE-2020-17382HigOct 2, 2020
    risk 0.54cvss 7.8epss 0.02

    The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).

  • CVE-2025-27813HigApr 10, 2025
    risk 0.53cvss 8.1epss 0.00

    MSI Center before 2.0.52.0 has Missing PE Signature Validation.

  • CVE-2025-27812HigApr 10, 2025
    risk 0.53cvss 8.1epss 0.00

    MSI Center before 2.0.52.0 allows TOCTOU Local Privilege Escalation.

  • CVE-2024-36877HigAug 12, 2024
    risk 0.53cvss 8.2epss 0.01

    Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was discovered to contain a write-what-where condition in the in the SW handler for SMI…

  • CVE-2024-3745HigMay 18, 2024
    risk 0.51cvss 7.8epss 0.00

    MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged user.

  • CVE-2021-44901HigFeb 4, 2022
    risk 0.51cvss 7.8epss 0.00

    Micro-Star International (MSI) Dragon Center <= 2.0.116.0 is vulnerable to multiple Privilege Escalation (LPE/EoP) vulnerabilities in the atidgllk.sys, atillk64.sys, MODAPI.sys, NTIOLib.sys, NTIOLib_X64.sys, WinRing0.sys, WinRing0x64.sys drivers components. All the…

  • CVE-2021-29337HigJun 21, 2021
    risk 0.51cvss 7.8epss 0.01

    MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.

  • CVE-2020-13149HigMay 18, 2020
    risk 0.51cvss 7.8epss 0.00

    Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the…

  • CVE-2022-34109HigSep 12, 2022
    risk 0.46cvss 7.1epss 0.00

    An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \PromoPhoto\, regardless of file type or size.

  • CVE-2022-34108HigSep 12, 2022
    risk 0.46cvss 7.1epss 0.00

    An issue in the Feature Navigator of Micro-Star International MSI Feature Nagivator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file.

  • CVE-2025-14303MedDec 17, 2025
    risk 0.44cvss 6.8epss 0.00

    Certain motherboard models developed by MSI has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its…

  • CVE-2024-12227MedDec 5, 2024
    risk 0.36cvss 5.5epss 0.00

    A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to…

  • CVE-2024-1460MedMar 7, 2024
    risk 0.36cvss 5.6epss 0.00

    MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.

  • CVE-2024-1443MedMar 7, 2024
    risk 0.29cvss 4.4epss 0.00

    MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.

  • CVE-2026-53876Jun 17, 2026
    risk 0.00cvss epss 0.02

    RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command injection vulnerability, which may lead to arbitrary command execution with the root privilege by a user who logs in to the web console as an administrator.