CVE-2020-35364
CRITICALBeijing Huorong Internet Security <5.0.55.2 - Privilege Escalation
Title source: llmDescription
Beijing Huorong Internet Security 5.0.55.2 allows a non-admin user to escalate privileges by injecting code into a process, and then waiting for a Huorong services restart or a system reboot.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/yangfan6888/PoC
Exploit, Third Party Advisory x_refsource_misc
https://github.com/yangfan6888/PoC/blob/main/PoC.cpp
Scores
CVSS v3
9.8
EPSS
0.0187
EPSS Percentile
76.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
huorong/internet_security
5.0.55.2
Published
Dec 26, 2020
Tracked Since
Feb 18, 2026