CVE-2014-3222

HIGH

Huawei eSpace Meeting < V100R001C03SPC201 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3222. PoCs published by LiquidWorm.

AI-analyzed exploit summary The exploit describes a local privilege escalation vulnerability in Huawei eSpace Meeting Service 1.0.0.23 due to improper file permissions on the 'eMservice.exe' binary, allowing users to replace it with a malicious binary to gain SYSTEM privileges on reboot.

Description

In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/32205

View Code ZIP pw:eip

The exploit describes a local privilege escalation vulnerability in Huawei eSpace Meeting Service 1.0.0.23 due to improper file permissions on the 'eMservice.exe' binary, allowing users to replace it with a malicious binary to gain SYSTEM privileges on reboot.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Huawei eSpace Meeting Service 1.0.0.23 (V100R001C03SPC201B050)

Auth required

Prerequisites: Local user access · Ability to replace the 'eMservice.exe' binary

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1059.003 - Windows Command Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://www.huawei.com/en/psirt/security-advisories/hw-329170

Scores

CVSS v3 7.0

EPSS 0.0064

EPSS Percentile 45.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (2)

huawei/espace_meeting < v100r001c03spc201

n/a/eSpace Meeting V100R001C03SPC201 and the earlier versions eSpace Meeting V100R001C03SPC201 and the earlier versions

Published Apr 02, 2017

Tracked Since Feb 18, 2026