Security Advisory
After the bug is fixed, we will issue a security advisory on the website, and what problems have been fixed in the latest software release.
| CVE | Product | Description | Vulnerability Level | Researcher | Date |
|---|---|---|---|---|---|
| CVE-2020-15724 | 360safeguard 12.1.0.1005 | In the version 12.1.0.1005 and below of 360safeguard, when the Gamefolde calls GameChrome.exe, there exists a local privilge escalation vulnerability.An attacker who could exploited DLL hijacking to bypass the hips could execute arbitrary code on the Local system. | High | windowsnobugs | 2020.6.15 |
| CVE-2020-15723 | 360safeguard 12.1.0.1004 | In the version 12.1.0.1004 and below of 360safeguard, when the main process of 360safeguard calls GameChrome.exe, there exists a local privilge escalation vulnerability.An attacker who could exploited DLL hijacking to bypass the hips could execute arbitrary code on the Local system. | High | windowsnobugs | 2020.6.8 |
| CVE-2020-15722 | 360safeguard 12.1.0.1004 | In version 12.1.0.1004 and below of 360safeguard, when TPI calls the browser process, there exists a local privilge escalation vulnerability.An attacker who could exploited DLL hijacking could execute arbitrary code on the Local system. | Critical | windowsnobugs | 2020.5.18 |
| CVE-2018-19031 | 360 Safe Router P1 | A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products. | High | Anonymous | 2018.10.3 |
