CVE-2024-13187

Name of the Vulnerable Software and Affected Versions Kingsoft WPS Office version 6.14.0

Description A critical issue was found in the TCC Handler component of Kingsoft WPS Office, allowing for code injection. The manipulation can lead to an attack on the local host. The issue has been publicly disclosed, and the vendor was contacted but did not respond.

Recommendations For Kingsoft WPS Office version 6.14.0, as a temporary workaround, consider disabling the TCC Handler component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.