| |
Vulnerability CVE-2018-10425
Published: 2018-04-26
| Description: |
An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because SetParent is not properly considered. |
Type:
CWE-noinfo
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.6/10 |
6.4/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://github.com/rebol0x6c/2345poc
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
