CVE-2017-12653

HIGH

360 Total Security < 9.0.0.1202 - Privilege Escalation via Shcore.dll Path Hijacking

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-12653. PoCs published by SecuriTeam.

AI-analyzed exploit summary This writeup describes a DLL hijacking vulnerability in 360 Total Security on Windows 7, where the software attempts to load Shcore.dll from the PATH, allowing privilege escalation if a malicious DLL is planted.

Description

360 Total Security 9.0.0.1202 before 2017-07-07 allows Privilege Escalation via a Trojan horse Shcore.dll file in any directory in the PATH, as demonstrated by the C:\Python27 directory.

Exploits (1)

exploitdb WRITEUP

by SecuriTeam · remotewindows

https://www.exploit-db.com/exploits/44069

View Code ZIP pw:eip

This writeup describes a DLL hijacking vulnerability in 360 Total Security on Windows 7, where the software attempts to load Shcore.dll from the PATH, allowing privilege escalation if a malicious DLL is planted.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: 360 Total Security (versions prior to the patch released on 7/7/2017)

No auth needed

Prerequisites: 360 Total Security installed on Windows 7 · Ability to place a malicious DLL in a directory listed in the PATH system variable

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

https://blogs.securiteam.com/index.php/archives/3314#more-3314

Scores

CVSS v3 7.8

EPSS 0.0198

EPSS Percentile 78.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-427

Status published

Products (1)

360totalsecurity/360_total_security < 9.0.0.1202

Published Aug 07, 2017

Tracked Since Feb 18, 2026