CVE-2021-44900

Name of the Vulnerable Software and Affected Versions MSI App Player versions 4.280.1.6309 and earlier

Description The issue concerns multiple Privilege Escalation vulnerabilities in the NTIOLib X64.sys and BstkDrv msi2.sys driver components. These vulnerabilities can be triggered by sending specific IOCTL requests.

Recommendations For MSI App Player versions 4.280.1.6309 and earlier, consider disabling the NTIOLib X64.sys and BstkDrv msi2.sys drivers as a temporary workaround until a patch is available. Restrict access to these driver components to minimize the risk of exploitation. Avoid sending specific IOCTL requests to these drivers until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.