HeadlinesBriefing favicon HeadlinesBriefing.com

MSI Center Vulnerability Exposes System Privileges, MSI Dismisses Report

Hacker News •
×

MSI's gaming software contains critical flaws allowing users to gain SYSTEM privileges via named pipes, risking malware exploitation. The Notebook Foundation service spawns a vulnerable pipe, enabling registry manipulation, WMI control, and arbitrary code execution. Researchers exploited outdated 3DES encryption to bypass authentication, triggering remote code execution (RCE) on LAN networks with valid credentials. Despite a successful patch rollout in MSI Center 2.0.70.0, the company's report submission process failed, highlighting systemic security gaps.

The exploit, discovered through decompiling 170 executables, leveraged Inno Setup's packaging and C#/C++ code analysis. Tools like innoextract and IDA Pro revealed the named pipe's insecure design. While MSI patched the issue within days of reporting, their inability to issue a CVE and delayed Vul DB review underscores broader industry challenges.

The researcher reported no bug bounty payouts from Google, ASUS, AMD, or Netgear, despite successful disclosures. This pattern raises questions about corporate accountability in addressing vulnerabilities. The incident emphasizes the need for proactive security measures in preinstalled software, which often operates with elevated privileges by default.