A vulnerability known as CVE-2024-37726 affects MSI Center versions up to 2.0.36.0 on Windows OS, allowing a user with low privileges to overwrite or delete important system files. This happens because MSI Center runs with high privileges and writes files to directories controlled by low-privilege users, enabling manipulation through symlinks. To exploit this, a low-privileged user creates a directory, sets an OpLock on a file, uses MSI Center's "Export System Info" feature to write to the file, moves the original file, and creates a junction to a target file. This tricks MSI Center into overwriting or deleting the target file with high privileges. Exploiting this vulnerability could lead to system compromise. However, updating to version 2.0.38.0 fixes this issue.

https://github.com/carsonchan12345/CVE-2024-37726-MSI-Center-Local-Privilege-Escalation

#cybersecurity #msi #vulnerability #windows #msi_center #symlinks #cve