CVE-2020-15724 : Exploit Details and Defense Strategies

360 Total Security version 12.1.0.1005 and below contain a local privilege escalation vulnerability that could allow an attacker to execute arbitrary code on the local system.

Understanding CVE-2020-15724

In the version 12.1.0.1005 and below of 360 Total Security, a local privilege escalation vulnerability exists, posing a security risk.

What is CVE-2020-15724?

This CVE refers to a vulnerability in 360 Total Security versions 12.1.0.1005 and below that enables attackers to execute arbitrary code on the local system.

The Impact of CVE-2020-15724

The vulnerability allows for local privilege escalation, potentially leading to unauthorized code execution on the affected system.

Technical Details of CVE-2020-15724

360 Total Security version 12.1.0.1005 and below are susceptible to a local privilege escalation vulnerability.

Vulnerability Description

When the Gamefolde calls GameChrome.exe in the affected versions, an attacker could exploit DLL hijacking to bypass the hips and execute arbitrary code on the local system.

Affected Systems and Versions

Product: 360 Total Security
Version: 12.1.0.1005 and below

Exploitation Mechanism

The vulnerability can be exploited through DLL hijacking to bypass the hips, enabling the execution of arbitrary code on the local system.

Mitigation and Prevention

To address CVE-2020-15724, users and organizations should take immediate and long-term security measures.

Immediate Steps to Take

Update 360 Total Security to the latest version to patch the vulnerability.
Monitor for any suspicious activities on the system.

Long-Term Security Practices

Implement least privilege access to limit potential damage from privilege escalation attacks.
Regularly update and patch all software to prevent known vulnerabilities.

Patching and Updates

Ensure timely installation of security patches and updates for 360 Total Security to mitigate the risk of exploitation.