Cyber Posture

CVE-2019-25344

HighPublic PoCLPE

Published: 12 February 2026

Published
12 February 2026
Modified
26 February 2026
KEV Added
Patch
CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0002 5.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2019-25344 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in Wondershare Mobilego. Its CVSS base score is 7.8 (High).

Operationally, ranked at the 5.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-6 (Configuration Settings).

Threat & Defense at a Glance

What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SC-34 Non-modifiable Executable Programs good match
prevent

Directly requires processes to protect application executables like MobileGo.exe from unauthorized modification by local users.

CM-6 Configuration Settings good match
prevent

Mandates restrictive configuration settings on application directories and files to prevent low-privileged local users from modifying executables.

AC-6 Least Privilege good match
prevent

Enforces least privilege to ensure low-privileged local users lack write access to the application's installation directory and executables.

NVD Description

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it…

more

to the Administrators group with full system access.

Deeper analysisAI

CVE-2019-25344 is an insecure file permissions vulnerability (CWE-732) in Wondershare MobileGo version 8.5.0. The flaw enables local users to modify executable files in the application's installation directory due to inadequate permissions on these files.

A local attacker with low privileges can exploit this vulnerability by replacing the legitimate MobileGo.exe with a malicious executable. When the application is launched by an administrator or under elevated context, the substituted binary executes with sufficient rights to create a new user account and add it to the Administrators group, achieving full system access. The issue carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high impacts on confidentiality, integrity, and availability.

Advisories and resources, including a proof-of-concept exploit at https://www.exploit-db.com/exploits/47667 and a VulnCheck advisory at https://www.vulncheck.com/advisories/mobilego-insecure-file-permissions, detail the vulnerability. Vendor pages at https://www.wondershare.net/ and https://www.wondershare.net/mobilego/ provide additional context on the software.

Details

CWE(s)
CWE-732

Affected Products

wondershare
mobilego
8.5.0

CVEs Like This One

CVE-2022-50900Same vendor: Wondershare
CVE-2022-50901Same vendor: Wondershare
CVE-2022-50903Same vendor: Wondershare
CVE-2024-38337Shared CWE-732
CVE-2025-0064Shared CWE-732
CVE-2026-24834Shared CWE-732
CVE-2025-1067Shared CWE-732
CVE-2026-26102Shared CWE-732
CVE-2025-0066Shared CWE-732
CVE-2025-33088Shared CWE-732

References