CVE-2022-50903

Sažetak

Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific filesystem locations that will be executed with LocalSystem permissions during service startup.

Reference

https://www.exploit-db.com/exploits/50756
https://www.vulncheck.com/advisories/wondershare-mobiletrans-elevationservice-unquoted-service-path
https://www.wondershare.com/

CVSS

Base:	8.4
Impact:	5.9
Exploitability:	2.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

28-01-2026 - 19:53

Objavljeno

13-01-2026 - 23:15