CVE-2023-31747

HIGH

Wondershare Filmora <12.2.1.2088 - Privilege Escalation

Title source: llm

Description

Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.

Exploits (2)

exploitdb WRITEUP

by Thurein Soe · textlocalwindows

https://www.exploit-db.com/exploits/51483

View Code ZIP pw:eip

nomisec WORKING POC

by msd0pe-1 · poc

https://github.com/msd0pe-1/CVE-2023-31747

View Code ZIP pw:eip

References (3)

[Not Applicable] http://filmora.com

[Product] http://wondershare.com

[Exploit, Third Party Advisory, VDB Entry] https://packetstormsecurity.com/files/172464/Filmora-12-Build-1.0.0.7-Unquoted-Service-Path.html

Scores

CVSS v3 7.8

EPSS 0.0096

EPSS Percentile 76.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-428

Status published

Products (1)

wondershare/filmora 12

Published May 23, 2023

Tracked Since Feb 18, 2026