Privilege Escalation via Crafted IOCTL Call in MSI Dragon Center 2.0.104.0

Privilege Escalation via Crafted IOCTL Call in MSI Dragon Center 2.0.104.0

CVE-2021-29337 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

MODAPI.sys in MSI Dragon Center 2.0.104.0 allows low-privileged users to access kernel memory and potentially escalate privileges via a crafted IOCTL 0x9c406104 call. This IOCTL provides the MmMapIoSpace feature for mapping physical memory.

Learn more about our Cis Benchmark Audit For Apple Ios.