CVE-2024-50804

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 18, 2024
Updated: Nov 19, 2024
CWE ID 94

Summary

CVE-2024-50804 is an Insecure Permissions vulnerability affecting Micro-star International's MSI Center Pro 2.1.37.0. A local attacker can exploit this flaw by manipulating the Device_DeviceID.dat.bak file in the C:\\ProgramData\\MSI\\One Dragon Center\\Data folder, resulting in the execution of arbitrary code. This vulnerability poses a significant risk for systems running the affected software, as it can be exploited by attackers with local access. Organizations and individuals using MSI Center Pro are strongly advised to apply the forthcoming patch to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share