CVE-2019-25266

Name of the Vulnerable Software and Affected Versions Wondershare Application Framework Service version 2.4.3.231

Description An unquoted service path allows local attackers to potentially execute arbitrary code with elevated privileges. This occurs when a service path contains spaces and is not enclosed in quotation marks, enabling attackers to place malicious executables in specific directory locations to hijack the service execution context.

Recommendations Update Wondershare Application Framework Service to a version that fixes the unquoted service path issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.