PT-2023-23445 · Wondershare · Wondershare Filmora
Published
2023-05-23
·
Updated
2025-01-21
·
CVE-2023-31747
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wondershare Filmora 12 (Build 12.2.1.2088)
Description
The issue is related to an unquoted service path vulnerability via the
NativePushService component. This allows attackers to launch processes with elevated privileges.Recommendations
For Wondershare Filmora 12 (Build 12.2.1.2088), consider restricting access to the
NativePushService component until a patch is available. As a temporary workaround, disabling the NativePushService may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wondershare Filmora