CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-23438
https://notcve.org/view.php?id=CVE-2020-23438
04 Mar 2025 — Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation. • https://cvewalkthrough.com/cve-2020-23438-wondershare-filmora-9-2-11-trojan-dll-hijacking-leading-to-privilege-escalation • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-26574
https://notcve.org/view.php?id=CVE-2024-26574
08 Apr 2024 — Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe La vulnerabilidad de permisos inseguros en Wondershare Filmora v.13.0.51 permite a un atacante local ejecutar código arbitrario a través de un script manipulado en WSNativePushService.exe • https://github.com/Alaatk/CVE-2024-26574 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2023-31747 – Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-31747
19 May 2023 — Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges. Filmora version 12 Build 1.0.0.7 suffers from an unquoted service path vulnerability. • https://packetstorm.news/files/id/172464 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27760
https://notcve.org/view.php?id=CVE-2023-27760
04 Apr 2023 — An issue found in Wondershare Technology Co, Ltd Filmora v.12.0.9 allows a remote attacker to execute arbitrary commands via the filmora_setup_full846.exe. • https://github.com/liong007/Wondershare/issues/9 • CWE-426: Untrusted Search Path •