← back
CVE-2022-25943

CVE-2022-25943

EPSS 0.7%CWE-276
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
09 Mar 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed.
Affected products
WPS Office Software · WPS Office for Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/HadiMed/KINGSOFT-WPS-Office-LPEhttps://jvn.jp/en/vu/JVNVU90673830/https://www.wps.com/whatsnew/pc/20210806/