Products

Solutions

Company

Book A Live Demo

CVE-2017-12653 : Security Advisory and Response

Learn about CVE-2017-12653, a privilege escalation vulnerability in 360 Total Security 9.0.0.1202 before July 7, 2017. Find out how to mitigate the risk and prevent unauthorized access.

360 Total Security 9.0.0.1202 before July 7, 2017, has a vulnerability that can result in privilege escalation through a malicious file.

Understanding CVE-2017-12653

This CVE entry describes a privilege escalation vulnerability in 360 Total Security 9.0.0.1202.

What is CVE-2017-12653?

Before July 7, 2017, 360 Total Security 9.0.0.1202 was found to have a vulnerability that could lead to privilege escalation. This vulnerability is exploited through a Trojan horse file called Shcore.dll, which can be placed in any directory listed in the PATH. An example of this is the C:\Python27 directory.

The Impact of CVE-2017-12653

This vulnerability allows attackers to escalate their privileges on the affected system, potentially leading to unauthorized access and control.

Technical Details of CVE-2017-12653

360 Total Security 9.0.0.1202 is susceptible to privilege escalation due to a specific file manipulation.

Vulnerability Description

The vulnerability in 360 Total Security 9.0.0.1202 allows for privilege escalation by exploiting a Trojan horse file named Shcore.dll placed in a directory within the system's PATH.

Affected Systems and Versions

Product: 360 Total Security

Version: 9.0.0.1202

Vendor: Not applicable

Exploitation Mechanism

The exploit involves placing a malicious file (Shcore.dll) in a directory listed in the system's PATH, such as C:\Python27, to gain elevated privileges.

Mitigation and Prevention

To address CVE-2017-12653, immediate actions and long-term security practices are recommended.

Immediate Steps to Take

Remove any suspicious files, especially Shcore.dll, from directories in the system's PATH.

Regularly monitor and restrict access to critical system directories.

Long-Term Security Practices

Implement least privilege access controls to limit user permissions.

Keep software and security solutions up to date to prevent known vulnerabilities.

Patching and Updates

Ensure that 360 Total Security is updated to a secure version that addresses the privilege escalation vulnerability.

CVE-2017-12653 : Security Advisory and Response

Understanding CVE-2017-12653

What is CVE-2017-12653?

The Impact of CVE-2017-12653

Technical Details of CVE-2017-12653

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2017-12653 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2017-12653

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2017-12653?

The Impact of CVE-2017-12653

Technical Details of CVE-2017-12653

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2017-12653

What is CVE-2017-12653?

Is your System Free of Underlying Vulnerabilities?
Find Out Now