exploitDog

GHSA-7j59-r42w-vhpq

Опубликовано: 14 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 8.5

CVSS3: 8.4

Описание

EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges.

EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges.

Ссылки

EPSS

Процентиль: 2%

0.00013

Низкий

8.5 High

CVSS4

8.4 High

CVSS3

CVE ID

Дефекты

CWE-428

Связанные уязвимости

CVE-2022-50914

CVSS3: 8.4

nvd

25 дней назад

EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges.

EPSS

Процентиль: 2%

0.00013

Низкий

8.5 High

CVSS4

8.4 High

CVSS3

CVE ID

Дефекты

CWE-428