Missing input validation and missing authentication allow attackers with the ability to connect to TCP/IP ports on localhost:26822 (e.g. any low-privileged user space process) to download and/or launch arbitraty executables with elevated privileges. General Affected product: MSI Center by Micro-Star Int’l Co., Ltd. Affected version: < 1.0.45.0, e.g. 1.0.41.0 CVE-2022-31877 Description MSI Center, a tool … Continue reading CVE-2022-31877: Privilege Escalation in MSI Center