Primary

Context

Wondershare MirrorGo Local Privilege Escalation Vulnerability

Vulnerability

A local privilege escalation vulnerability has been identified in Wondershare MirrorGo version 2.0.11.346. This issue arises from incorrect file permissions on executable files, allowing unprivileged local users to replace 'ElevationService.exe' with a malicious file. The replacement file can then be executed with LocalSystem privileges, potentially leading to arbitrary code execution.

Impact

Exploitation of this vulnerability allows for local privilege escalation, with unauthorized users gaining LocalSystem privileges.

Reproduction

The vulnerability can be reproduced by taking advantage of the insecure file permissions on executable files within the Wondershare MirrorGo installation directory. Unprivileged users can replace 'ElevationService.exe' with a malicious version, which will be executed by the 'ElevationService' Windows service running under LocalSystem privileges.

Added: Dec 22, 2025, 10:25 PM

Updated: Dec 22, 2025, 10:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.6

remediation

0.0

relevance

1.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.6

remediation

0.0

relevance

1.6

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wondershare MirrorGo Local Privilege Escalation Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating