PT-2026-2377 · Wondershare · Wondershare Dr.Fone
Luis Martinez
·
Published
2026-01-13
·
Updated
2026-01-28
·
CVE-2022-50901
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wondershare Dr.Fone version 11.4.9
Description
Wondershare Dr.Fone version 11.4.9 has an issue with an unquoted service path in the DFWSIDService. This could allow local users to potentially run arbitrary code. The unquoted path is located at 'C:Program Files (x86)WondershareWondershare Dr.Fone'. An attacker could exploit this by injecting malicious executables that would run with LocalSystem privileges.
Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wondershare Dr.Fone