CVE-2022-25969

Summary

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.

Affected Software

VendorProductVersion RangeStatus
KINGSOFT JAPAN, INC.The installer of WPS OfficeReported for Version 10.8.0.6186affected

Weaknesses

  • CWE-427: CWE-427: insecurely loading Dynamic Link Libraries

ADP Enrichment

CVE Program Container

Additional References

References