Skip to main content

360 Total Security

6 CVEs product

Monthly

CVE-2024-22014 HIGH POC This Week

An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft 360 Total Security
NVD GitHub
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-15724 HIGH This Week

In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation 360 Total Security
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-15723 HIGH This Week

In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation 360 Total Security
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-15722 HIGH This Week

In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation 360 Total Security
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-18603 MEDIUM POC This Month

360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 360 Total Security
NVD GitHub
CVSS 3.0
6.3
EPSS
0.9%
CVE-2017-12653 HIGH POC This Week

360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation 360 Total Security
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
2.2%
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue discovered in 360 Total Security Antivirus through 11.0.0.1061 for Windows allows attackers to gain escalated privileges via Symbolic Link Follow to Arbitrary File Delete. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft 360 Total Security
NVD GitHub
EPSS 1% CVSS 7.8
HIGH This Week

In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation 360 Total Security
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation 360 Total Security
NVD
EPSS 0% CVSS 7.8
HIGH This Week

In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Privilege Escalation 360 Total Security
NVD
EPSS 1% CVSS 6.3
MEDIUM POC This Month

360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 360 Total Security
NVD GitHub
EPSS 2% CVSS 7.8
HIGH POC This Week

360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation 360 Total Security
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy