PT-2026-2390 · Easeus · Easeus Data Recovery

Bios

Publicado

2026-01-13

Atualizado

2026-01-15

CVE-2022-50914

CVSS v3.1

8.4

Alta

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EaseUS Data Recovery version 15.1.0.0

Description EaseUS Data Recovery 15.1.0.0 has an issue with an unquoted service path in the EaseUS UPDATE SERVICE executable. This allows attackers to inject and execute malicious code with elevated LocalSystem privileges. The vulnerable path enables the execution of arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-428

Identificadores relacionados

CVE-2022-50914

Produtos afetados

Easeus Data Recovery

PT-2026-2390 · Easeus · Easeus Data Recovery

CVE-2022-50914

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5