July 2022

CVE-2022-31877: Privilege Escalation in MSI Center

Missing input validation and missing authentication allow attackers with the ability to connect to TCP/IP ports on localhost:26822 (e.g. any low-privileged user space process) to download and/or launch arbitraty executables with elevated privileges.


Welcome to my new blog! I’m going to use this blog as a collection of notes I consider interesting. The first blog post after this one has been migrated from my old, non-maintained blog hosted on Blogger.com.