CVE-2022-50808

High CVSS: 8.5

CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system reboot.

Vendor

Product

CWE

CWE-427

Yayın Tarihi

2026-01-13 23:15:50

Güncelleme

2026-01-14 16:25:12

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-427 HIGH 2026

Referanslar

https://masterplus.coolermaster.com/ https://www.exploit-db.com/exploits/51159 https://www.vulncheck.com/advisories/coolermaster-masterplus-mpservice-unquoted-service-path