virus logo FortiClient Vulnerability

Weak Permissions Leading to Privilege Escalation for Dragon Center

description-logoDescription

Weak permissions on the in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary within App.json. Another attack method is to use this part of %PROGRAMDATA% for mounting an RPC Control directory.

affected-products-logoAffected Applications

Dragon Center

CVE References

CVE-2020-13149

Other References

https://nvd.nist.gov/vuln/detail/CVE-2020-13149
ID 69768
Created Nov 25, 2021
Description
Updated		 Feb 16, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor MSI
Patch manual
Application Dragon Center