JVN#36060509
"WPS Office" vulnerable to OS command injection
Overview
"WPS Office", which was provided by KINGSOFT JAPAN, INC., contains an OS command injection vulnerability.
Products Affected
- WPS Office version 10.8.0.6186
Description
"WPS Office", which was provided by KINGSOFT JAPAN, INC., contains an OS command injection vulnerability (CWE-78).
Impact
If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends specially crafted data, an arbitrary OS command may be executed on the system where the product is installed.
Solution
Stop using "WPS Office" and switch to "WPS Office2"
The developer states that "WPS Office" is no longer supported and recommends that users switch to the alternative, unaffected product "WPS Office2".
For more information, refer to the information provided by the developer.
Vendor Status
Vendor | Link |
---|---|
KINGSOFT JAPAN, INC. | Vulnerability of "WPS Office (Japanese version)" (Text in Japanese) |
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Attack Vector(AV) | Physical (P) | Local (L) | Adjacent (A) | Network (N) |
---|---|---|---|---|
Attack Complexity(AC) | High (H) | Low (L) | | |
Privileges Required(PR) | High (H) | Low (L) | None (N) | |
User Interaction(UI) | Required (R) | None (N) | | |
Scope(S) | Unchanged (U) | Changed (C) | | |
Confidentiality Impact(C) | None (N) | Low (L) | High (H) | |
Integrity Impact(I) | None (N) | Low (L) | High (H) | |
Availability Impact(A) | None (N) | Low (L) | High (H) | |

Access Vector(AV) | Local (L) | Adjacent Network (A) | Network (N) |
---|---|---|---|
Access Complexity(AC) | High (H) | Medium (M) | Low (L) |
Authentication(Au) | Multiple (M) | Single (S) | None (N) |
Confidentiality Impact(C) | None (N) | Partial (P) | Complete (C) |
Integrity Impact(I) | None (N) | Partial (P) | Complete (C) |
Availability Impact(A) | None (N) | Partial (P) | Complete (C) |
Comment
This analysis assumes a man-in-the-middle attack being conducted by a remote attacker.
Credit
Other Information
JPCERT Alert | |
JPCERT Reports | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE | CVE-2023-32548 |
JVN iPedia | JVNDB-2023-000062 |