CVE-2025-5180

Public Exploit

Wondershare Filmora Installer NFWCHK.exe uncontrolled search path

Description

A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16. Affected by this issue is some unknown functionality in the library CRYPTBASE.dll of the file NFWCHK.exe of the component Installer. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References

Link	Tags
https://vuldb.com/?id.310268	third party advisory vdb entry
https://vuldb.com/?ctiid.310268	signature vdb entry permissions required
https://vuldb.com/?submit.580226	third party advisory vdb entry
https://gist.github.com/shellkraft/aa66561e984e83052bd080f195a3ec80	exploit

Frequently Asked Questions

What is the severity of CVE-2025-5180?: CVE-2025-5180 has been scored as a high severity vulnerability.
How to fix CVE-2025-5180?: To fix CVE-2025-5180, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-5180 being actively exploited in the wild?: It is possible that CVE-2025-5180 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-5180?: CVE-2025-5180 affects Wondershare Filmora.

Description

Categories

CWE-426 – Untrusted Search Path

CWE-427 – Uncontrolled Search Path Element

References

Frequently Asked Questions