Insecure DLL Loading Vulnerability in WPS Office Version 10.8.0.6186 Installer

Insecure DLL Loading Vulnerability in WPS Office Version 10.8.0.6186 Installer

CVE-2022-25969 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.

Learn more about our Cis Benchmark Audit For Microsoft Office.