Arbitrary Code Execution in WPS Office
CVE-2024-7263

7.8 HIGH

Key Information:

Vendor: Kingsoft
Product: WPS Office
CVE Published: 15 August 2024

Summary

An improper path validation vulnerability exists in promecefpluginhost.exe within Kingsoft WPS Office, affecting versions from 12.2.0.13110 to 12.2.0.17115 (exclusive) on Windows operating systems. The flaw arises from insufficient sanitization of a crucial parameter, which lets an attacker load an arbitrary Windows library and so execute unauthorized code. It underscores the need for comprehensive safety checks in software components to prevent unauthorized code execution.

Affected Version(s)

WPS Office Windows 12.2.0.13110 < 12.2.0.17115

News Articles

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET research uncovers a vulnerability in WPS Office for Windows (CVE-2024-7262), as it was being exploited by South Korea-aligned cyberespionage group APT-C-60 to target East Asian countries. Analysis of the vendor’s silently released patch led to the discovery of another vulnerability CVE-2024-726...

1 month ago

Arbitrary Code Execution Vulnerabilities Affecting WPS Office - Technical Analysis

During an investigation, ESET researchers discovered WPS Office vulnerabilities, identified as CVE-2024-7262 and CVE-2024-7263.

4 months ago

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • First article discovered by CybersecurityNews

  • Vulnerability published

Collectors

NVD Database, Mitre Database, 2 News Article(s)

Credit

Romain DUMONT (ESET)