MSI Dragon Center CVE-2021-29337 Privilege Escalation Vulnerability
Description
MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory. Versions before 2.6.2003.2401 has weak permissions which allow local authenicated users to overwrite system files and gain escalated privileges.
Affected Applications
Dragon Center