CVE-2018-10425

HIGH

Shanghai 2345 Security Guard <3.7.0 - Privilege Escalation

Title source: llm

Description

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because SetParent is not properly considered.

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/rebol0x6c/2345poc

View Exploit ZIP pw:eip

Scores

CVSS v3 7.8

EPSS 0.0005

EPSS Percentile 15.6%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

hz-soft/security_guard 3.7.0

Published Apr 26, 2018

Tracked Since Feb 18, 2026