CVE-2022-25943

high

Description

The installer of WPS Office for Windows versions prior to v11.2.0.10258 fails to configure properly the ACL for the directory where the service program is installed.

References

https://www.wps.com/whatsnew/pc/20210806/

https://jvn.jp/en/vu/JVNVU90673830/

https://github.com/HadiMed/KINGSOFT-WPS-Office-LPE

Details

Source: Mitre, NVD

Published: 2022-03-09

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.14049

Detections

Analytics