CVE-2024-22752

HIGH

EaseUS MobiMover <6.0.5 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-22752. PoCs published by hacker625.

AI-analyzed exploit summary This repository provides a functional proof-of-concept for CVE-2024-22752, an elevation of privilege vulnerability in EaseUS MobiMover 6.0.5. The exploit leverages weak file permissions to replace a service executable with a malicious binary, achieving privilege escalation when an administrator runs the application.

Description

Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attackers to gain escalated privileges via use of crafted executable launched from the application installation directory.

Exploits (1)

nomisec WORKING POC

by hacker625 · poc

https://github.com/hacker625/CVE-2024-22752

View Code ZIP pw:eip

This repository provides a functional proof-of-concept for CVE-2024-22752, an elevation of privilege vulnerability in EaseUS MobiMover 6.0.5. The exploit leverages weak file permissions to replace a service executable with a malicious binary, achieving privilege escalation when an administrator runs the application.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: EaseUS MobiMover 6.0.5 Build 21620

Auth required

Prerequisites: Authenticated user access · EaseUS MobiMover installed with vulnerable permissions · Ability to transfer files to the target system

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Various Sources

https://github.com/hacker625/CVE-2024-22752

Scores

CVSS v3 8.1

EPSS 0.0063

EPSS Percentile 45.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Published Mar 07, 2024

Tracked Since Feb 18, 2026