CVE Catalog
CVE-2026-37452
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.40%
32th percentile - higher than 32% of all known CVEs
Summary
An insecure permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component.
Risk Assessment
The organization is at risk of sensitive data leakage, which could be used for further attacks or identity theft.
Recommendation
Immediately update MSI NBFoundation Service to the latest version and restrict access to the MSIAPService.exe component through appropriate firewall rules.
Original NVD description (English source)
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component

