MSI Installer Flaw Enables Privilege Escalation on Windows Systems
MSI Installer Flaw Enables Privilege Escalation on Windows Systems
Summary:
A critical local privilege escalation vulnerability has been discovered in MSI Center versions 2.0.36.0 and earlier, allowing low-privileged users to escalate their privileges on Windows systems. This security flaw, tracked as CVE-2024-37726, stems from insecure file operations performed by the MSI Center application running with NT AUTHORITY\SYSTEM privileges.
Threat Level – Red | Vulnerability Report
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.