MSI Installer Flaw Enables Privilege Escalation on Windows Systems

Threat Advisories

MSI Installer Flaw Enables Privilege Escalation on Windows Systems

July 6, 2024

Summary:

A critical local privilege escalation vulnerability has been discovered in MSI Center versions 2.0.36.0 and earlier, allowing low-privileged users to escalate their privileges on Windows systems. This security flaw, tracked as CVE-2024-37726, stems from insecure file operations performed by the MSI Center application running with NT AUTHORITY\SYSTEM privileges.
 

Threat Level – Red | Vulnerability Report

×

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

 

Recent Posts

Join Our Newsletter 14,000+ subscribers and growing! Get top cybersecurity news delivered directly to your inbox.
Sign Up to Receive Our Weekly Threat Digest