CVE-2025-0834

Name of the Vulnerable Software and Affected Versions Wondershare Dr.Fone version 13.5.21

Description A privilege escalation vulnerability has been found in Wondershare Dr.Fone. This issue could allow an attacker to escalate privileges by replacing the binary C:ProgramDataWondersharewsServicesElevationService.exe with a malicious binary. The malicious binary will be executed by SYSTEM automatically.

Recommendations For Wondershare Dr.Fone version 13.5.21, consider replacing the vulnerable binary ElevationService.exe with a secure version or restricting access to the C:ProgramDataWondersharewsServices directory to prevent exploitation. As a temporary workaround, consider disabling the ElevationService.exe binary until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.