CVE-2025-57227
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-10-30
Assigner: MITRE
Description
Description
An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| kingosoft | kingo_root | 1.5.8.3353 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unquoted service path issue in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353. It allows attackers to escalate privileges by placing a specially crafted executable file into a parent folder of the service path, which the system may execute with higher privileges.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can gain elevated privileges on the affected system, potentially allowing them to execute malicious code with higher permissions, leading to unauthorized access or control over the system.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70