CVE-2019-25344

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Wondershare MobileGo version 8.5.0

Description The software contains an insecure file permissions issue that allows local users to modify executable files within the application directory. An attacker can replace the original MobileGo.exe with a malicious executable, enabling the creation of a new user account and its addition to the Administrators group, granting full system access.

Recommendations Replace the MobileGo.exe file with a secure version. Restrict file write access to the application directory.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2019-25344

Affected Products

Mobilego

CVE-2019-25344

Weakness Enumeration

Related Identifiers

Affected Products

References · 6