CVE-2025-57227

HIGH

Kingo ROOT <1.5.8.3353 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-57227. PoCs published by Anish Feroz.

AI-analyzed exploit summary: This is a technical writeup demonstrating an unquoted service path vulnerability in Kingo ROOT 1.5.8. The author provides evidence of the vulnerability by querying the service configuration and showing the unquoted path in the BINARY_PATH_NAME, which could allow local privilege escalation if an attacker plants a malicious executable in a path with spaces.

Description

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder.

Exploits (1)

exploitdb WRITEUP
by Anish Feroz · text · local · windows
https://www.exploit-db.com/exploits/51707

Classification: Writeup 90%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: Kingo ROOT 1.5.8.3353
Auth required
Prerequisites: Local access to the system · Ability to write to a directory in the unquoted path
devstral-2 · analyzed Feb 18, 2026

References (1)

Core References
Exploit, Third Party Advisory
https://www.exploit-db.com/exploits/51707

Scores

CVSS v3 7.8
EPSS 0.0002
EPSS Percentile 6.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-428
Status published
Published Oct 29, 2025
Tracked Since Feb 18, 2026