CVE-2022-25969: 
Kingsoft WPS Office vulnerability analysis and mitigation

The vulnerability (CVE-2022-25969) affects the installer of WPS Office Version 10.8.0.6186. It involves an insecure DLL loading issue that was discovered and reported on March 14, 2022. The vulnerability specifically relates to the insecure loading of VERSION.DLL and other DLLs during the installation process (CVE Mitre, JVN Report).

The vulnerability is classified as an insecure DLL loading issue (CWE-427). According to the technical assessment, the CVSS v3 base score is 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The vulnerability specifically occurs when the WPS Office installer insecurely loads VERSION.DLL or other DLLs during the installation process (JVN Report).

When exploited, this vulnerability allows an attacker to execute arbitrary code with the privilege level of the user invoking the installer. This means that if a user with administrative privileges runs the installer, the attacker could potentially execute code with those elevated privileges (JVN Report).

KINGSOFT JAPAN, INC. has addressed this vulnerability in newer versions of the software. Users are recommended to upgrade to WPS Office2 for Windows version 11.82.8498 or later versions, which was released in May 2020. The developer has confirmed that the vulnerability has been resolved in these updated versions (Kingsoft Support, JVN Report).