CVE-2024-13187 | Kingsoft WPS Office 6.14.0 on macOS TCC code injection

A vulnerability was found in Kingsoft WPS Office 6.14.0 on macOS. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component TCC Handler. The manipulation leads to code injection.

This vulnerability is known as CVE-2024-13187. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-13187 | Kingsoft WPS Office 6.14.0 on macOS TCC code injection

Post correlati

CVE-2024-25597 | Etoile Web Design Ultimate Reviews Plugin up to 3.2.8 on WordPress cross site scripting

CVE-2024-44730 | MiroTalk Chat Message handleDataChannelChat access control (c21d58)

CVE-2021-34959 | Foxit PDF Editor 11.0.0.49893 Square Annotation use after free (ZDI-21-1190)

CVE-2024-1659 | Jan Syski MegaBIP up to 5.10 unrestricted upload