Vulnerability Details CVE-2021-27965
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.226
EPSS Ranking 95.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://github.com/kronl/cve/tree/master/MSI_Dragon_Center
- https://www.microsoft.com/en-us/p/msi-dragon-center/9nh7n2bv1cqq?activetab=pivot:overviewtab
- https://github.com/kronl/cve/tree/master/MSI_Dragon_Center
- https://www.microsoft.com/en-us/p/msi-dragon-center/9nh7n2bv1cqq?activetab=pivot:overviewtab
Products affected by CVE-2021-27965
-
cpe:2.3:a:msi:dragon_center:-
-
cpe:2.3:a:msi:dragon_center:1.0.1604.101
-
cpe:2.3:a:msi:dragon_center:1.1.1606.2401
-
cpe:2.3:a:msi:dragon_center:1.2.1608.401
-
cpe:2.3:a:msi:dragon_center:1.2.1609.602
-
cpe:2.3:a:msi:dragon_center:1.2.1610.1801
-
cpe:2.3:a:msi:dragon_center:1.2.1610.2701
-
cpe:2.3:a:msi:dragon_center:1.2.1611.1101
-
cpe:2.3:a:msi:dragon_center:1.2.1611.1901
-
cpe:2.3:a:msi:dragon_center:1.2.1611.901
-
cpe:2.3:a:msi:dragon_center:1.2.1701.1101
-
cpe:2.3:a:msi:dragon_center:1.2.1703.2001
-
cpe:2.3:a:msi:dragon_center:1.2.1704.1701
-
cpe:2.3:a:msi:dragon_center:1.2.1705.1801
-
cpe:2.3:a:msi:dragon_center:1.2.1705.3101
-
cpe:2.3:a:msi:dragon_center:1.2.1706.1501
-
cpe:2.3:a:msi:dragon_center:1.2.1707.2501
-
cpe:2.3:a:msi:dragon_center:1.2.1707.501
-
cpe:2.3:a:msi:dragon_center:1.2.1708.2201
-
cpe:2.3:a:msi:dragon_center:1.2.1709.1101
-
cpe:2.3:a:msi:dragon_center:1.2.1710.1301
-
cpe:2.3:a:msi:dragon_center:1.2.1711.2101
-
cpe:2.3:a:msi:dragon_center:1.2.1801.2401
-
cpe:2.3:a:msi:dragon_center:1.2.1802.501
-
cpe:2.3:a:msi:dragon_center:1.2.1804.1201