Описание
In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 12.1.0.1004 (включая)
cpe:2.3:a:360totalsecurity:360_total_security:*:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00047
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-427
Связанные уязвимости
github
больше 3 лет назад
In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacking to bypass the hips could execute arbitrary code on the Local system.
EPSS
Процентиль: 15%
0.00047
Низкий
7.8 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-427