CVE-2022-50690

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Wondershare MirrorGo version 2.0.11.346

Description Wondershare MirrorGo version 2.0.11.346 has a local privilege escalation issue. Incorrect file permissions on executable files allow unprivileged local users to replace the ElevationService.exe file with a malicious file. This enables the execution of arbitrary code with LocalSystem privileges.

Recommendations Apply appropriate file permissions to the ElevationService.exe executable to prevent unauthorized modification.

Exploit

Fix

LPE

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2022-50690

Affected Products

Mirrorgo

CVE-2022-50690

Weakness Enumeration

Related Identifiers

Affected Products

References · 6