DLL hijacking version 12.1.0.1004 Untrusted Search Path Vulnerability

Summary

In version 12.1.0.1004 and below of 360 Total Security,when TPI calls the browser process, there exists a local privilege escalation vulnerability. 

Credit:

The information has been provided by Vendor

The original article can be found at:https://security.360.cn/News/news/id/232


Details

An attacker who could exploit DLL hijacking could execute arbitrary code on the Local system.

 

Vulnerable Systems:

DLL hijacking version 12.1.0.1004

 

CVE Information:

CVE-2020-15722

 

Disclosure Timeline:
Published Date:7/21/2020

Categories: News