CVE-2024-11957: Arbitrary Code Execution in WPS Office

9.3 CVSS

Description

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office for Windows, versions 12.1.0.18276 and earlier, allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough.
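The description says only that the fix was "not restrictive enough", which is the typical shape of CWE-347 in a library loader: the code confirms that a file carries some valid Authenticode signature, but any party can obtain a code-signing certificate, so "signed" on its own does not establish that the file came from the vendor. The PowerShell function below is an added illustration of the checks a loader should combine before loading a library by path; it is not Kingsoft's code, is not derived from ksojscore.dll, and does not describe the actual bypass. `$AppRoot`, `$TrustedSignerThumbprint` and the paths in the usage comment are placeholders.

```powershell
# Added illustration (not Kingsoft's code): a "restrictive" Authenticode check of the
# kind a loader should apply before handing a plug-in DLL to LoadLibrary.
# Assumptions (placeholders, not taken from the advisory):
#   $AppRoot                  install directory the DLL must live under
#   $TrustedSignerThumbprint  SHA-1 thumbprint(s) of the publisher certificate you expect

function Test-PluginLibrary {
    param(
        [Parameter(Mandatory)] [string]   $DllPath,
        [Parameter(Mandatory)] [string]   $AppRoot,
        [Parameter(Mandatory)] [string[]] $TrustedSignerThumbprint
    )

    # 1. Resolve the path and refuse anything outside the application directory.
    #    This rules out UNC/WebDAV shares and attacker-controlled download folders,
    #    which a signature check alone does nothing about.
    $full = [System.IO.Path]::GetFullPath($DllPath)
    $root = [System.IO.Path]::GetFullPath($AppRoot).TrimEnd('\') + '\'
    if (-not $full.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
        return [pscustomobject]@{ Path = $full; Allowed = $false; Reason = 'outside application directory' }
    }
    if (-not (Test-Path -LiteralPath $full -PathType Leaf)) {
        return [pscustomobject]@{ Path = $full; Allowed = $false; Reason = 'file not found' }
    }

    # 2. The signature must chain to a trusted root and must cover the file as it is
    #    on disk. NotSigned, HashMismatch, NotTrusted and UnknownError all fail here.
    $sig = Get-AuthenticodeSignature -LiteralPath $full
    if ($sig.Status -ne 'Valid') {
        return [pscustomobject]@{ Path = $full; Allowed = $false; Reason = "signature status $($sig.Status)" }
    }

    # 3. "Valid" is not "ours". Pin the signer to the certificate(s) you actually trust;
    #    accepting any valid signature is the CWE-347 mistake this check is meant to avoid.
    if ($TrustedSignerThumbprint -notcontains $sig.SignerCertificate.Thumbprint) {
        return [pscustomobject]@{ Path = $full; Allowed = $false
            Reason = "unexpected signer $($sig.SignerCertificate.Subject)" }
    }

    return [pscustomobject]@{ Path = $full; Allowed = $true; Reason = 'signed by pinned publisher' }
}

# Usage (placeholder paths and thumbprint): vet every DLL before it is loaded.
# Test-PluginLibrary -DllPath 'C:\Program Files\App\plugins\foo.dll' `
#                    -AppRoot 'C:\Program Files\App' `
#                    -TrustedSignerThumbprint @('<publisher SHA-1 thumbprint>')
```

Two caveats a reviewer would raise even with this check in place: the file must not be replaceable between the check and the load (open it once and verify the handle you keep, or load only from a directory non-admin users cannot write to), and pinning a thumbprint means the allowlist has to be updated when the publisher's certificate is renewed, so some loaders pin the subject and issuer instead.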

Classification

CVE ID: CVE-2024-11957

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.3

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:H

Problem Types

CWE-347: Improper Verification of Cryptographic Signature

Affected Products

Vendor: Kingsoft

Product: WPS Office

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (estimated probability of exploitation activity in the wild over the next 30 days)

EPSS Percentile: 0.25% (share of all scored CVEs with an EPSS score at or below this one)

EPSS Date: 2025-04-02 (date the score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-11957
https://www.welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office/

Timeline