VYPR
← All advisories
Unrated severityNVD Advisory· Published Mar 17, 2022· Updated Aug 3, 2024

CVE-2022-26081

CVE-2022-26081

Description

The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

WPS Office installer version 10.8.0.5745 insecurely loads shcore.dll, enabling arbitrary code execution with user privileges.

Vulnerability

The installer of WPS Office version 10.8.0.5745 (and earlier versions before 10.8.0.6186) insecurely loads the DLL shcore.dll from the same folder as the installer executable (wps.1.9.exe). This is a DLL hijacking vulnerability (CWE-427). The affected product is WPS Office versions prior to 10.8.0.6186 [1][2].

Exploitation

An attacker must trick the user into placing a malicious shcore.dll file in the same directory as the WPS Office installer. When the user runs the installer, the malicious DLL is loaded automatically. No authentication is required beyond user interaction to run the installer [1].

Impact

Successful exploitation allows arbitrary code execution with the privilege of the user invoking the installer. The attacker gains the same user-level access, potentially leading to full compromise of the user's data and system [1].

Mitigation

The vulnerability is fixed in WPS Office version 10.8.0.6186. Users should upgrade to this version or later. The developer states that older versions are no longer supported and recommends switching to alternative products if upgrade is not possible [1][2].

References
  1. Multiple vulnerabilities in KINGSOFT "WPS Office" and "KINGSOFT Internet Security"
  2. WPS Office,KINGSOFT Internet Security の脆弱性に関するお知らせ

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Kingsoft/Wps Officellm-fuzzy
    Range: =10.8.0.5745
  • KINGSOFT JAPAN, INC./The installer of WPS Officev5
    Range: Reported for Version 10.8.0.5745

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.