Products
MSI Afterburner
- 4.6.6.16381 Beta 3
Source
help@fluidattacks.com
Tags
CVE-2024-3745 details
Published : May 18, 2024, 1:15 p.m.
Last Modified : May 18, 2024, 1:15 p.m.
Last Modified : May 18, 2024, 1:15 p.m.
Description
MSI Afterburner v4.6.6.16381 Beta 3 is vulnerable to an ACL Bypass vulnerability in the RTCore64.sys driver, which leads to triggering vulnerabilities like CVE-2024-1443 and CVE-2024-1460 from a low privileged user.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7.8 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
CVSS Data
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
7.8
Exploitability Score
Impact Score
Base Severity
HIGH
Vector String : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
| URL | Source |
|---|---|
| https://fluidattacks.com/advisories/gershwin/ | help@fluidattacks.com |
| https://forums.guru3d.com/threads/msi-ab-rtss-development-news-thread.412822/page-227#post-6231456 | help@fluidattacks.com |
| https://forums.guru3d.com/threads/msi-ab-rtss-development-news-thread.412822/page-227#post-6231768 | help@fluidattacks.com |
This website uses the NVD API, but is not approved or certified by it.