Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.8
CVE-2024-12227: MSI Dragon Center: Local Attack Possible Through Driver Exploit
CVE-2024-12227
Summary
A bug in MSI Dragon Center's driver can allow an attacker on the same computer to potentially take control of the system. This affects versions up to 2.0.146.0. To fix the issue, update to version 2.0.148.0 or later.
Original title
A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL ...
Original description
A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. Upgrading to version 2.0.148.0 is able to address this issue. It is recommended to upgrade the affected component.
nvd CVSS3.1
5.5
nvd CVSS2.0
4.6
nvd CVSS4.0
6.8
Vulnerability type
CWE-404
CWE-476
NULL Pointer Dereference
Published: 5 Dec 2024 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026