CVE-2023-27010

HIGH

Wondershare Dr.Fone <12.9.6 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-27010. PoCs published by Thurein Soe.

AI-analyzed exploit summary This exploit demonstrates a local privilege escalation vulnerability in Wondershare Dr Fone 12.9.6 due to weak service permissions on the WsDrvInst service. The DriverInstall.exe executable has overly permissive ACLs, allowing any authenticated user to modify it and escalate privileges to SYSTEM.

Description

Wondershare Dr.Fone v12.9.6 was discovered to contain weak permissions for the service WsDrvInst. This vulnerability allows attackers to escalate privileges via modifying or overwriting the executable.

Exploits (1)

exploitdb WORKING POC
by Thurein Soe · textlocalwindows
https://www.exploit-db.com/exploits/51324

This exploit demonstrates a local privilege escalation vulnerability in Wondershare Dr Fone 12.9.6 due to weak service permissions on the WsDrvInst service. The DriverInstall.exe executable has overly permissive ACLs, allowing any authenticated user to modify it and escalate privileges to SYSTEM.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Wondershare Dr Fone 12.9.6
Auth required
Prerequisites: Local access to the target system · Wondershare Dr Fone 12.9.6 installed · Standard user privileges
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.8
EPSS 0.0102
EPSS Percentile 58.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-250
Status published
Products (1)
wondershare/dr.fone 12.9.6
Published Mar 13, 2023
Tracked Since Feb 18, 2026