CVE-2023-31275

Name of the Vulnerable Software and Affected Versions WPS Office version 11.2.0.11537

Description The issue is related to an uninitialized pointer use in the functionality that handles Data elements in an Excel file. This can be exploited by providing a specially crafted malformed file, potentially leading to remote code execution. An attacker can trigger this issue by providing a malicious file.

Recommendations For WPS Office version 11.2.0.11537, consider avoiding the use of the affected Excel file handling functionality until a patch is available. As a temporary workaround, refrain from opening suspicious or untrusted Excel files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.