CVE-2026-57851
Received
Received - Intake
Local Privilege Escalation in MSI Feature Manager via KernCoreLib64.sys
Vulnerability report for CVE-2026-57851, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-07-07
Last updated on: 2026-07-07
Assigner: VulnCheck
Description
Description
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| msi | feature_manager | to 2026-57851 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-782 | The product implements an IOCTL with functionality that should be restricted, but it does not properly enforce access control for the IOCTL. |