CVE-2021-33975

10.0 CRITICAL

📋 TL;DR

A buffer overflow vulnerability in Qihoo 360 Total Security allows attackers to execute arbitrary code with elevated privileges. This affects users running vulnerable versions of the security software, potentially compromising the entire system. The vulnerability stems from improper bounds checking (CWE-120) in the software's components.

💻 Affected Systems

Products:
  • Qihoo 360 Total Security
Versions: v10.8.0.1060 and v10.8.0.1213
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable regardless of configuration settings.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with SYSTEM/root privileges, enabling installation of persistent malware, data theft, and lateral movement across networks.

🟠 Likely Case

Local privilege escalation allowing attackers to bypass security controls, disable antivirus protection, and gain administrative access to the system.

🟢 If Mitigated

Limited impact if proper endpoint protection, application whitelisting, and least privilege principles are enforced.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the system. Proof-of-concept code has been publicly shared in pastebin links and blog posts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after v10.8.0.1213

Vendor Advisory: Not publicly available

Restart Required: Yes

Instructions:

1. Open Qihoo 360 Total Security
2. Navigate to Settings > Update
3. Click 'Check for Updates'
4. Install any available updates
5. Restart the computer

🔧 Temporary Workarounds

Uninstall vulnerable version (Windows)

Remove Qihoo 360 Total Security and replace it with alternative security software:

Control Panel > Programs > Uninstall a program > Select 'Qihoo 360 Total Security' > Uninstall

Restrict execution privileges (Windows)

Apply least privilege principles to limit damage from successful exploitation

🧯 If You Can't Patch

  • Disable or uninstall Qihoo 360 Total Security immediately
  • Implement application control/whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Qihoo 360 Total Security version in the application's About section or Windows Programs list

Check Version:

wmic product where name="Qihoo 360 Total Security" get version

Verify Fix Applied:

Confirm the installed version is newer than v10.8.0.1213 and is neither of the vulnerable versions listed above
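
The version check as an added PowerShell example (not vendor code and not part of the original page): `wmic product` only lists MSI-installed software and is deprecated on current Windows, so this reads the Uninstall registry keys instead. The DisplayName pattern is an assumption, and the function name `Get-360Status` and the sample version strings at the end are constructed for illustration.

```powershell
# Added example: inventory check for CVE-2021-33975.
# Assumption: the product registers an Uninstall entry whose DisplayName
# matches this pattern; adjust it to what your software inventory shows.
$NamePattern = '*360 Total Security*'
$Affected    = [version[]]@('10.8.0.1060', '10.8.0.1213')  # versions named on this page
$LastBad     = [version]'10.8.0.1213'                      # fix is "versions after" this

function Get-360Status {
    param([string]$DisplayVersion)
    # Accept "v10.8.0.1213" as well as "10.8.0.1213"; reject anything unparseable.
    $parsed = $null
    $clean  = $DisplayVersion.Trim().TrimStart('v', 'V')
    if (-not [version]::TryParse($clean, [ref]$parsed)) {
        return 'UNKNOWN (unparseable version string)'
    }
    if ($Affected -contains $parsed) { return 'VULNERABLE (version listed as affected)' }
    if ($parsed -gt $LastBad)        { return 'FIXED (newer than 10.8.0.1213)' }
    return 'UNLISTED (older than the versions this page names)'
}

# Per-machine Uninstall keys, 64-bit and 32-bit registry views.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

Get-ItemProperty -Path $roots -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $NamePattern } |
    ForEach-Object {
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Name     = $_.DisplayName
            Version  = $_.DisplayVersion
            Status   = Get-360Status -DisplayVersion ([string]$_.DisplayVersion)
        }
    }

# Constructed sample inputs (not real inventory data) showing each outcome
# on a machine where the product is not installed.
'v10.8.0.1060', '10.8.0.1213', '10.8.0.1300', '10.2.0.1000', 'n/a' |
    ForEach-Object { '{0,-14} {1}' -f $_, (Get-360Status -DisplayVersion $_) }
```

No output from the registry query means no matching Uninstall entry was found, which is not proof the product is absent if it registers under a different name.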

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from Qihoo 360 processes
  • Failed privilege escalation attempts in Windows Event Logs
  • Antivirus service crashes or unexpected terminations

Network Indicators:

  • Unusual outbound connections from Qihoo 360 processes
  • Beaconing behavior from compromised systems

SIEM Query:

Process Creation where (Image contains "360" OR ParentImage contains "360") AND (CommandLine contains unusual patterns)
