Arbitrary Windows Library Loading Vulnerability
CVE-2024-7262
Key Information:
- Vendor
- Kingsoft
- Status
- WPS Office
- Vendor
- CVE Published:
- 15 August 2024
Summary
A vulnerability exists in Kingsoft WPS Office due to improper path validation in the promecefpluginhost.exe component. This weakness allows attackers to exploit affected versions of the software, specifically from 12.2.0.13110 to 12.2.0.16412 (exclusive), by loading arbitrary Windows libraries. Recent findings indicate that this vulnerability can be weaponized as a one-click exploit manifesting in the form of a deceptive spreadsheet document, posing significant risks to users by potentially compromising their systems when the document is opened.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.
CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
WPS Office Windows 12.2.0.13110 < 12.2.0.16412
News Articles
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office
ESET research uncovers a vulnerability in WPS Office for Windows (CVE-2024-7262), as it was being exploited by South Korea-aligned cyberespionage group APT-C-60 to target East Asian countries. Analysis of the vendor’s silently released patch led to the discovery of another vulnerability CVE-2024-726...
1 month ago
CISA issues alert over two high-severity DrayTek vulnerabilities – here’s what you need to know
Users of DrayTek's network equipment management software have been urged to remain vigilant.
4 months ago
Arbitrary Code Execution Vulnerabilities Affecting WPS Office - Technical Analysis
During an investigation, ESET researchers discovered WPS Office vulnerabilities, identified as CVE-2024-7262 and CVE-2024-7263.
4 months ago
EPSS Score
1% chance of being exploited in the next 30 days.
Timeline
- 🦅 CISA Reported
- 📰 First article discovered by Help Net Security
- 👾 Exploit known to exist
- Vulnerability published