CVE-2023-31747

HIGH

Wondershare Filmora <12.2.1.2088 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2023-31747. PoCs published by Thurein Soe, msd0pe-1.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in Wondershare NativePush (Build 1.0.0.7) as part of Filmora 12, leading to local privilege escalation. The service 'NativePushService' runs with SYSTEM privileges and is vulnerable due to an unquoted path, allowing local users to replace the executable and escalate privileges.

Description

Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.

Exploits (2)

exploitdb WRITEUP

by Thurein Soe · textlocalwindows

https://www.exploit-db.com/exploits/51483

View Code ZIP pw:eip

This is a writeup describing an unquoted service path vulnerability in Wondershare NativePush (Build 1.0.0.7) as part of Filmora 12, leading to local privilege escalation. The service 'NativePushService' runs with SYSTEM privileges and is vulnerable due to an unquoted path, allowing local users to replace the executable and escalate privileges.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Wondershare NativePush (Build 1.0.0.7) in Filmora 12 (Build 12.2.1.2088)

Auth required

Prerequisites: Local access to the system · Write permissions to the directory containing the vulnerable service executable

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by msd0pe-1 · poc

https://github.com/msd0pe-1/CVE-2023-31747

View Code ZIP pw:eip

This PoC demonstrates an unquoted service path vulnerability in Wondershare Filmora, allowing local privilege escalation to SYSTEM by exploiting the service's executable path. The exploit involves placing a malicious executable in a directory that Windows will search due to the unquoted path.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Wondershare Filmora <= 12.2.9.2233

Auth required

Prerequisites: Local access to the target system · Ability to write to a directory in the unquoted service path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Not Applicable

http://filmora.com

Product

http://wondershare.com

Exploit, Third Party Advisory, VDB Entry

https://packetstormsecurity.com/files/172464/Filmora-12-Build-1.0.0.7-Unquoted-Service-Path.html

Scores

CVSS v3 7.8

EPSS 0.0117

EPSS Percentile 63.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-428

Status published

Products (1)

wondershare/filmora 12

Published May 23, 2023

Tracked Since Feb 18, 2026