CVE-2024-50804

Improper Control of Generation of Code ('Code Injection') (CWE-94)

Published: Nov 18, 2024 / Updated: 1d ago

CVSS 7.8 | EPSS 0.04% | High

Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-50804.

Nov 18, 2024 at 8:27 PM / CVE

CVSS Estimate

Feedly estimated the CVSS score as MEDIUM

Nov 18, 2024 at 8:28 PM

CVE Assignment

NVD published the first details for CVE-2024-50804

Nov 18, 2024 at 9:15 PM

Threat Intelligence Report

CVE-2024-50804 is a critical arbitrary write privilege escalation vulnerability in MSI Center Pro software, allowing attackers to elevate privileges to SYSTEM due to improper file handling by the MSI.CentralServer.exe process. A patch was developed in collaboration with MSI after the vulnerability was reported in September 2024, and it was released on November 14, 2024, via the Microsoft Store. The blog provides a detailed walkthrough of the exploit, but no information is given regarding exploitation in the wild, CVSS score, or impacts on third-party vendors.

Nov 19, 2024 at 9:16 AM

EPSS

EPSS Score was set to: 0.04% (Percentile: 10.2%)

Nov 19, 2024 at 9:42 AM

CVSS

A CVSS base score of 7.8 has been assigned.

Nov 19, 2024 at 4:40 PM / nvd

Affected Systems

Msi/center_pro

Attack Patterns

CAPEC-242: Code Injection

References

Arbitrary Write Privilege Escalation - CVE-2024-50804
Hi Robbie, MSI Center Pro 2.1.41.0 has been released on Microsoft Store that includes fixes for the two reported vulnerabilities (The Arbitrary Write Vulnerability & the privilege escalation vulnerability). An Arbitrary write vulnerability exists within the folder for the MSI Center Pro software.
Last Week in Security - 2024-11-18
The honeypot attracted attackers using tools like FFUF and Masscan, highlighting the importance of strong access controls and prompt application of security patches to mitigate cyber risks. The Problem with IoT Cloud-Connectivity and How it Exposed All OvrC Devices to Hijacking - Team82 conducted research on the security of the OvrC cloud platform, revealing 10 vulnerabilities that allowed attackers to execute code on OvrC cloud-connected devices.

News

NA - CVE-2024-50804 - Insecure Permissions vulnerability in...
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the...
CVE-2024-50804 - MSI Center Pro Insecure Permissions Execution
CVE ID: CVE-2024-50804. Published: Nov. 18, 2024, 9:15 p.m. (18 minutes ago). Description: Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder. Severity: 0.0 NA.
CVE-2024-50804 | Micro-star International MSI Center Pro 2.1.37.0 Device_DeviceID.dat.bak permission
A vulnerability has been found in Micro-star International MSI Center Pro 2.1.37.0 and classified as critical. This vulnerability affects unknown code of the file Device_DeviceID.dat.bak. The manipulation leads to permission issues. This vulnerability was named CVE-2024-50804. Local access is required to approach this attack. There is no exploit available.
CVE-2024-50804
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data...

CVSS V3.1

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
