Wondershare Dr.fone
by Wondershare
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-50904 | Hig | 0.55 | 8.4 | 0.00 | Jan 13, 2026 | Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run… | ||
| CVE-2022-50902 | Hig | 0.55 | 8.4 | 0.00 | Jan 13, 2026 | Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\FamiSafe\ to inject malicious… | ||
| CVE-2022-50690 | Hig | 0.55 | 8.4 | 0.00 | Dec 22, 2025 | Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges. | ||
| CVE-2020-36977 | Hig | 0.51 | 7.8 | 0.00 | Jan 27, 2026 | Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious… | ||
| CVE-2020-23438 | Hig | 0.51 | 7.8 | 0.00 | Mar 4, 2025 | Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation. | ||
| CVE-2024-26574 | Hig | 0.51 | 7.8 | 0.00 | Apr 8, 2024 | Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe | ||
| CVE-2020-27992 | Hig | 0.51 | 7.8 | 0.00 | Nov 2, 2020 | Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. | ||
| CVE-2019-25344 | 0.00 | — | 0.00 | Feb 12, 2026 | Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to… | |||
| CVE-2022-50903 | 0.00 | — | 0.00 | Jan 13, 2026 | Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific… | |||
| CVE-2022-50901 | 0.00 | — | 0.00 | Jan 13, 2026 | Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious… | |||
| CVE-2022-50900 | 0.00 | — | 0.00 | Jan 13, 2026 | Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem… |
- risk 0.55cvss 8.4epss 0.00
Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run…
- risk 0.55cvss 8.4epss 0.00
Wondershare FamiSafe 1.0 contains an unquoted service path vulnerability in the FSService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\FamiSafe\ to inject malicious…
- risk 0.55cvss 8.4epss 0.00
Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges.
- risk 0.51cvss 7.8epss 0.00
Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious…
- risk 0.51cvss 7.8epss 0.00
Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.
- risk 0.51cvss 7.8epss 0.00
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
- risk 0.51cvss 7.8epss 0.00
Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users.
- CVE-2019-25344Feb 12, 2026risk 0.00cvss —epss 0.00
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to…
- CVE-2022-50903Jan 13, 2026risk 0.00cvss —epss 0.00
Wondershare MobileTrans 3.5.9 contains an unquoted service path vulnerability in the ElevationService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path by placing malicious executables in specific…
- CVE-2022-50901Jan 13, 2026risk 0.00cvss —epss 0.00
Wondershare Dr.Fone 11.4.9 contains an unquoted service path vulnerability in the DFWSIDService that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone\ to inject malicious…
- CVE-2022-50900Jan 13, 2026risk 0.00cvss —epss 0.00
Wondershare Dr.Fone 12.0.18 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the misconfigured service path to insert malicious code that will be executed with LocalSystem…