CVE-2024-7262

Arbitrary Code Execution in WPS Office

CVSS 9.3 CRITICAL · EPSS 1.8% · KEV · CWE-22

In short

WPS Office has a flaw that lets attackers run harmful code by tricking users into opening a specially crafted spreadsheet file. This happens because the application doesn't properly check file paths before loading libraries, allowing attackers to substitute legitimate files with malicious ones.

Technical detail

A path traversal vulnerability in promecefpluginhost.exe (Kingsoft WPS Office on Windows, versions 12.2.0.13110 up to but not including 12.2.0.16412) allows arbitrary DLL loading because library paths are not properly validated. The attack requires user interaction: the victim is lured into opening a deceptive document. Exploitation results in arbitrary code execution with user privileges. Weaponized exploits demonstrate single-click compromise of affected systems.

Summary generated and translated by AI from the official description.

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:N/RE:L

Affected products
Kingsoft · WPS Office
