VYPR
Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Mar 5, 2026

Wondershare Dr.Fone 12.0.18 - 'Wondershare InstallAssist' Unquoted Service Path

CVE-2022-50900

Description

Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem permissions during service startup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.