PT-2024-17493 · Msi · Msi Dragon Center+1
Topgun
·
Published
2024-12-05
·
Updated
2024-12-05
·
CVE-2024-12227
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
MSI Dragon Center versions up to 2.0.146.0
Description
A problematic issue was found in the IOCTL Handler component of MSI Dragon Center, affecting the
MmUnMapIoSpace function in the NTIOLib X64.sys library. This leads to a null pointer dereference. The attack can be launched on the local host, potentially allowing unauthorized local access.Recommendations
For MSI Dragon Center versions up to 2.0.146.0, upgrade to version 2.0.148.0 to address this issue. As a temporary workaround, consider restricting access to the
NTIOLib X64.sys library until the upgrade is applied.Fix
Improper Resource Release
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Msi Dragon Center
Ntiolib X64.Sys