PT-2018-10077 · 2345 · Shanghai 2345 Security Guard

Published

2018-05-04

Updated

2019-10-03

CVE-2018-10739

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Shanghai 2345 Security Guard version 3.7.0

Description An issue was discovered that allows local users to bypass intended process protections and terminate a process. This is because the WM SYSCOMMAND is not properly considered in the 2345MPCSafe.exe component.

Recommendations For Shanghai 2345 Security Guard version 3.7.0, consider restricting access to the 2345MPCSafe.exe component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-10739

Affected Products

Shanghai 2345 Security Guard

PT-2018-10077 · 2345 · Shanghai 2345 Security Guard

CVE-2018-10739

Related Identifiers

Affected Products

References · 3