What is the severity of CVE-2017-12653?

CVE-2017-12653 has been classified as a high severity vulnerability due to its potential for privilege escalation.

How do I fix CVE-2017-12653?

To fix CVE-2017-12653, update to a version of 360 Total Security greater than 9.0.0.1202.

What type of vulnerability is CVE-2017-12653?

CVE-2017-12653 is a privilege escalation vulnerability that can be exploited via a malicious Shcore.dll file.

What software is affected by CVE-2017-12653?

CVE-2017-12653 affects 360 Total Security versions prior to 9.0.0.1202.

Is there a public exploit for CVE-2017-12653?

Yes, there are public demonstrative exploits available for CVE-2017-12653 that illustrate the privilege escalation vector.

Vulnerability/
CVE-2017-12653

high

7.8

CWE

427

7/8/2017

3/10/2019

CVE-2017-12653

First published: Mon Aug 07 2017(Updated: )

360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
G DATA Total Security	<=9.0.0.1202

Never miss a vulnerability like this again

Reference Links

https://blogs.securiteam.com/index.php/archives/3314#more-3314

Frequently Asked Questions

What is the severity of CVE-2017-12653?
CVE-2017-12653 has been classified as a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2017-12653?
To fix CVE-2017-12653, update to a version of 360 Total Security greater than 9.0.0.1202.
What type of vulnerability is CVE-2017-12653?
CVE-2017-12653 is a privilege escalation vulnerability that can be exploited via a malicious Shcore.dll file.
What software is affected by CVE-2017-12653?
CVE-2017-12653 affects 360 Total Security versions prior to 9.0.0.1202.
Is there a public exploit for CVE-2017-12653?
Yes, there are public demonstrative exploits available for CVE-2017-12653 that illustrate the privilege escalation vector.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/severity
agent/references
agent/author
agent/weakness
agent/softwarecombine
agent/tags
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/360totalsecurity
canonical/g data total security
version/g data total security/9.0.0.1202

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2017-12653?
CVE-2017-12653 has been classified as a high severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2017-12653?
To fix CVE-2017-12653, update to a version of 360 Total Security greater than 9.0.0.1202.
What type of vulnerability is CVE-2017-12653?
CVE-2017-12653 is a privilege escalation vulnerability that can be exploited via a malicious Shcore.dll file.
What software is affected by CVE-2017-12653?
CVE-2017-12653 affects 360 Total Security versions prior to 9.0.0.1202.
Is there a public exploit for CVE-2017-12653?
Yes, there are public demonstrative exploits available for CVE-2017-12653 that illustrate the privilege escalation vector.