CVE-2024-35205

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-35205

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

T

he WPS Office (aka cn.wps.moffice_eng) application before 17.0.0 for Android fails to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This potentially enables any application to dispatch a crafted library file, aiming to overwrite an existing native library utilized by WPS Office. Successful exploitation could result in the execution of arbitrary commands under the guise of WPS Office's application ID.

References
Link Resource
https://www.microsoft.com/en-us/security/blog/2024/05/01/dirty-stream-attack-discovering-and-mitigating-a-common-vulnerability-pattern-in-android-apps/
https://www.microsoft.com/en-us/security/blog/2024/05/01/dirty-stream-attack-discovering-and-mitigating-a-common-vulnerability-pattern-in-android-apps/
Configurations

No configuration.

History

21 Nov 2024, 09:19

Type Values Removed Values Added
References () https://www.microsoft.com/en-us/security/blog/2024/05/01/dirty-stream-attack-discovering-and-mitigating-a-common-vulnerability-pattern-in-android-apps/ - () https://www.microsoft.com/en-us/security/blog/2024/05/01/dirty-stream-attack-discovering-and-mitigating-a-common-vulnerability-pattern-in-android-apps/ -

20 Aug 2024, 14:35

Type Values Removed Values Added
Summary
  • (es) La aplicación WPS Office (también conocida como cn.wps.moffice_eng) anterior a 17.0.0 para Android no sanitiza adecuadamente los nombres de los archivos antes de procesarlos a través de interacciones de aplicaciones externas, lo que genera una forma de Path Traversal. Potencialmente, esto permite que cualquier aplicación envíe un archivo de librería manipulado, con el objetivo de sobrescribir una librería nativa existente utilizada por WPS Office. La explotación exitosa podría resultar en la ejecución de comandos arbitrarios bajo la apariencia del ID de la aplicación de WPS Office.
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CWE CWE-22

14 May 2024, 15:39

Type Values Removed Values Added
New CVE
Information

Published : 2024-05-14 15:39

Updated : 2024-11-21 09:19

NVD link : CVE-2024-35205

Mitre link : CVE-2024-35205

CVE.ORG link : CVE-2024-35205

JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')