Primary

Context

Kingosoft Technology Kingo ROOT Unquoted Service Path Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in Kingosoft Technology Ltd Kingo ROOT version 1.5.8.3353. The issue arises from an unquoted service path, which allows attackers to place a malicious executable in a parent directory, leading to unauthorized privilege escalation.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation on the affected system.

Reproduction

The vulnerability can be reproduced by placing a crafted executable file into a parent folder of the unquoted service path. Once the executable is in place, the service can be started, leading to privilege escalation.

Added: Oct 29, 2025, 6:19 PM

Updated: Oct 29, 2025, 9:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

0.0

relevance

0.8

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

4.6

remediation

0.0

relevance

0.8

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Kingosoft Technology Kingo ROOT Unquoted Service Path Privilege Escalation Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating