CVE-2021-27965 PoC — Microsoft MSI Dragon Center 缓冲区错误漏洞

Source

https://github.com/fengjixuchui/CVE-2021-27965

Associated Vulnerability

Title:Microsoft MSI Dragon Center 缓冲区错误漏洞 (CVE-2021-27965)
Description:MSI Dragon Center 2.0.98.0之前版本中的 MsIo64.sys驱动程序的1.1.19.1016之前版本中存在缓冲区错误漏洞，该漏洞允许通过一个精巧的请求进行权限升级。

Description

The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.

Readme

# CVE-2021-27965
 The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request.
 
 This exploit will be finished, this is a guarantee.

File Snapshot


 [4.0K]  /data/pocs/d9ef58a820b5f5c886c47b8ebc633969aaf6dcd6
├── [4.0K]  poc
│   ├── [2.8K]  exploit.c
│   ├── [ 353]  exploit.h
│   ├── [1.4K]  poc.sln
│   ├── [7.0K]  poc.vcxproj
│   ├── [1.0K]  poc.vcxproj.filters
│   └── [ 459]  shellcode.asm
└── [ 285]  README.md

1 directory, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!