Vendor
A local privilege escalation vulnerability (CVE-2026-57851) exists in the MSI Feature Manager's KernCoreLib64.sys kernel driver that allows any local user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without requiring administrator privileges, enabling manipulation of kernel objects, tampering with kernel-mode callbacks, bypassing Protected Process Light, and disabling security software.