Skip to main content

Wps Office CVE-2024-7263

CRITICAL
Path Traversal (CWE-22)
2024-08-15 security@eset.com
9.3
CVSS 4.0 · Vendor: eset
Share

Severity by source

Vendor (eset) PRIMARY
9.3 CRITICAL
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X

Primary rating from Vendor (eset) · only source for this CVE.

CVSS VectorVendor: eset

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

1
CVE Published
Aug 15, 2024 - 15:15 cve.org
CRITICAL 9.3

DescriptionCVE.org

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough. Another parameter was not properly sanitized which leads to the execution of an arbitrary Windows library.

AnalysisAI

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.1.0.17119 to mitigate CVE-2024-7262 was not restrictive enough. Another parameter was not properly sanitized which leads to the execution of an arbitrary Windows library. Affected products include: Kingsoft Wps Office. Version information: version 12.1.0.17119.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.

CVE-2022-24934 CRITICAL POC
9.8 Mar 23

wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER i

CVE-2022-25943 HIGH POC
7.8 Mar 09

The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the dire

CVE-2020-25291 HIGH POC
7.8 Sep 13

GdiDrawHoriLineIAlt in Kingsoft WPS Office before 11.2.0.9403 allows remote heap corruption via a crafted PLTE chunk in

CVE-2018-6390 MEDIUM POC
6.5 Jan 29

The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of th

CVE-2024-7262 CRITICAL
9.3 Aug 15

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16

CVE-2023-32548 HIGH
8.1 Jun 13

OS command injection vulnerability exists in WPS Office version 10.8.0.6186. Rated high severity (CVSS 8.1), this vulner

CVE-2023-31275 HIGH
7.8 Nov 27

An uninitialized pointer use vulnerability exists in the functionality of WPS Office 11.2.0.11537 that handles Data elem

CVE-2022-26081 HIGH
7.8 Mar 17

The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary co

CVE-2022-25969 HIGH
7.8 Mar 17

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker t

CVE-2017-17967 MEDIUM
5.5 Dec 28

pptreader.dll in Kingsoft WPS Office 10.1.0.6930 allows remote attackers to cause a denial of service via a crafted PPT

CVE-2024-57096 MEDIUM
5.5 May 14

An issue in wps office before v.19302 allows a local attacker to obtain sensitive information via a crafted file. Rated

CVE-2018-7546 MEDIUM
5.5 Jul 18

wpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service

Share

CVE-2024-7263 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy