CVE-2023-31275: WPS Office Vulnerability Exposes Users to Remote Code Execution

Recently, Cisco’s Talos threat intelligence and research group unearthed a critical vulnerability in WPS Office, a popular productivity suite.

Formerly known as Kingsoft Office, WPS Office is a versatile suite widely used in corporate and individual settings. It encompasses various applications like WPS Spreadsheets and WPS Writer, catering to diverse document editing and spreadsheet management needs. Its widespread adoption makes the discovery of this vulnerability particularly alarming.

Tracked as CVE-2023-31275 and assigned a worrying CVSS score of 8.8, the vulnerability was identified in version 11.2.0.11537 of WPS Office. The crux of the issue lies in an uninitialized pointer use vulnerability within the software’s functionality that processes Data elements in Excel files. This flaw could be exploited through a specially crafted, malformed file, leading to remote code execution. The implication is clear: an attacker could potentially gain control over a user’s system simply by convincing them to open a malicious file.

The CVE-2023-31275 vulnerability was uncovered by Marcin ‘Icewall’ Noga of Cisco Talos. The team published a detailed technical analysis of the security flaw on Monday, revealing how successful exploitation could lead to remote code execution. The researchers explained, “The value of an uninitialized Data object pointer is used in both read and write operations. When combined with precise heap grooming, this can lead to exact memory corruption, and consequently, remote code execution.”

This revelation about WPS Office’s vulnerability is a stark reminder of the inherent risks in digital tools. For users and businesses relying on WPS Office, the message is clear: stay alert to updates and patches from the software provider that address this serious flaw. In the interim, caution is advised when opening files from unknown or untrusted sources, as these could be gateways for potential exploits.