Enrique Fernández Lorenzo

**Name of the Vulnerable Software and Affected Versions** Wondershare Dr.Fone version 13.5.21 **Description** A privilege escalation vulnerability has been found in Wondershare Dr.Fone. This issue could allow an attacker to escalate privileges by replacing the binary `C:ProgramDataWondersharewsServicesElevationService.exe` with a malicious binary. The malicious binary will be executed by SYSTEM automatically. **Recommendations** For Wondershare Dr.Fone version 13.5.21, consider replacing the vulnerable binary `ElevationService.exe` with a secure version or restricting access to the `C:ProgramDataWondersharewsServices` directory to prevent exploitation. As a temporary workaround, consider disabling the `ElevationService.exe` binary until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.