Msi · Msi Center · CVE-2024-37726
**Name of the Vulnerable Software and Affected Versions**
MSI Center versions 2.0.36.0 and earlier
**Description**
A local privilege escalation vulnerability has been identified in MSI Center, allowing a low-privileged user to arbitrarily overwrite or delete high-privileged and critical files on a system. This issue is caused by the MSI Center application running with NT AUTHORITYSYSTEM privileges and writing files to a low-privilege user-controlled directory. The vulnerability can be triggered when a low-privileged user creates a directory, sets an OpLock on a file within that directory, and utilizes the "Export System Info" function in MSI Center to trigger a file write operation on the OpLocked file. While the OpLock is in place, the user can move the original file and create a junction to a target file, allowing the MSI Center application to overwrite or delete the target file with SYSTEM privileges.
**Recommendations**
For MSI Center versions 2.0.36.0 and earlier, consider disabling the "Export System Info" function in MSI Center until a patch is available to prevent exploitation of this vulnerability. Restrict access to the MSI Center application to minimize the risk of unauthorized access to sensitive data or system control. As a temporary workaround, avoid using the MSI Center application with low-privileged user accounts to reduce the risk of privilege escalation attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.