CVE-2018-18603

Name of the Vulnerable Software and Affected Versions 360 Total Security version 3.5.0.1033

Description The issue allows a Sandbox Escape via an import os statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. The vendor considers this a security-related issue but does not categorize it as a vulnerability.

Recommendations For 360 Total Security version 3.5.0.1033, as a temporary workaround, consider restricting the execution of .py files within the sandbox environment until a resolution is provided. At the moment, there is no information about a newer version that contains a fix for this issue.