Privilege Escalation Vulnerability in EaseUS MobiMover 6.0.5
CVE-2024-22752

8.1HIGH

Key Information:

Vendor: EaseUS
Status: MobiMover
Vendor: CVE Published:; 7 March 2024

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2024-22752?

An insecure permissions issue in EaseUS MobiMover version 6.0.5 Build 21620 poses a significant security risk. This vulnerability allows attackers to gain escalated privileges by executing crafted executables that are launched from the vulnerable application’s installation directory. By exploiting this flaw, the attackers can potentially manipulate the system and access sensitive information, making it crucial for users to update to the latest version and implement security best practices to safeguard their data.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-22752
Created by hacker625

References

https://github.com/hacker625/CVE-2024-22752

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 7, 2024
🟡
Public PoC available
Mar 5, 2024
👾
Exploit known to exist
Mar 5, 2024
Vulnerability Reserved
Jan 11, 2024

CVE-2024-22752 Data

JSON