virus logo FortiClient Vulnerability

MSI Dragon Center CVE-2021-29337 Privilege Escalation Vulnerability

description-logoDescription

MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory. Versions before 2.6.2003.2401 has weak permissions which allow local authenicated users to overwrite system files and gain escalated privileges.

affected-products-logoAffected Applications

Dragon Center

CVE References

CVE-2021-29337

Other References

https://nvd.nist.gov/vuln/detail/CVE-2021-29337
ID 2365
Created Sep 09, 2021
Description
Updated		 Nov 06, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor MSI
Patch manual
Application Dragon Center