CVE-2018-10739

Vulnerability

An issue exists in Shanghai 2345 Security Guard version 3.7.0. The component 2345MPCSafe.exe does not properly handle the WM_SYSCOMMAND window message. This oversight allows a local attacker to send crafted WM_SYSCOMMAND messages to the target process, bypassing the intended protection mechanisms that should prevent unauthorized termination of the security software's processes [1].

Exploitation

An attacker must have local access to the system. The exploit involves sending a WM_SYSCOMMAND message with the SC_CLOSE command to the window handle of the protected process. No additional authentication or user interaction beyond local access is required [1].

Impact

By exploiting this vulnerability, a local attacker can terminate the protected process (2345MPCSafe.exe), effectively disabling the protection offered by the 2345 Security Guard. This could lead to a denial of service condition, as the security software's process is forcefully closed. The attacker gains the ability to bypass the software's process protection [1].

Mitigation

The vendor, Shanghai 2345, has not released a public patch or fixed version for this vulnerability as of the publication date (2018-05-04). No workaround is provided in the available references. Users are advised to consider alternative security software until an update is available [1].