Skip to main content

Kerncorelib64 Sys

1 CVEs product

Monthly

CVE-2026-57851 HIGH POC This Week

Local privilege escalation in MSI Feature Manager (GameGaraj) stems from its bundled KernCoreLib64.sys kernel driver exposing IOCTL handlers that any logged-on user can reach without administrator rights, granting arbitrary physical memory read/write and unrestricted I/O port access. Any low-privileged user on an affected Windows host can leverage this to manipulate kernel objects, tamper with kernel callbacks, bypass Protected Process Light (PPL), and disable endpoint security. Publicly available exploit code exists (published by VulnCheck), though there is no public exploit identified as being used in active attacks at time of analysis.

Privilege Escalation Kerncorelib64 Sys
NVD GitHub VulDB
CVSS 4.0
8.5
EPSS
0.2%
EPSS 0% CVSS 8.5
HIGH POC This Week

Local privilege escalation in MSI Feature Manager (GameGaraj) stems from its bundled KernCoreLib64.sys kernel driver exposing IOCTL handlers that any logged-on user can reach without administrator rights, granting arbitrary physical memory read/write and unrestricted I/O port access. Any low-privileged user on an affected Windows host can leverage this to manipulate kernel objects, tamper with kernel callbacks, bypass Protected Process Light (PPL), and disable endpoint security. Publicly available exploit code exists (published by VulnCheck), though there is no public exploit identified as being used in active attacks at time of analysis.

Privilege Escalation Kerncorelib64 Sys
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy