Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart or system reboot.
Metrics
Affected Vendors & Products
References
History
Tue, 23 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 19 Jun 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wondershare
Wondershare pdfelement |
|
| Vendors & Products |
Wondershare
Wondershare pdfelement |
Fri, 19 Jun 2026 18:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart or system reboot. | |
| Title | Wondershare PDFelement 5.2.9 Privilege Escalation via Unquoted Service Path | |
| Weaknesses | CWE-428 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: VulnCheck
Published: 2026-06-19T14:16:52.124Z
Updated: 2026-06-23T18:52:53.750Z
Reserved: 2026-06-19T14:08:04.388Z
Link: CVE-2020-37254
Updated: 2026-06-23T18:52:49.771Z
No data.
No data.