Researchers from Tenable have found quite a few safety vulnerabilities in Comodo Antivirus. For now, the customers of this antivirus want to stay cautious because the distributors are but to roll-out fixes.
Native Privilege Escalation Flaw
A key vulnerability affecting Comodo Antivirus pertains to a local privilege escalation flaw in Cmdagent.exe file. As acknowledged in Tenable’s advisory, the vulnerability might let an attacker bypass official signing verify. This permits the attacker to raise native privileges.
An area course of can bypass the signature verify enforced by CmdAgent by way of course of hollowing which may then enable the method to invoke delicate COM strategies in CmdAgent reminiscent of writing to the registry with SYSTEM privileges.
Tenable marked this vulnerability CVE-2019-3969 as a excessive severity flaw that earned a CVSS v3.zero base rating of seven.8.
The researcher David Wells, in a separate blog post, described this vulnerability as a sandbox in addition to an LPE flaw. He additionally shared the proof of concept for the exploit alongside its demonstration within the following video.
Different Comodo Antivirus Bugs
Other than the above vulnerability, Tenable additionally discovered 4 different bugs affecting the software program. These embody an arbitrary file write vulnerability (CVE-2019-3970), a denial of service bug (CVE-2019-3971), an out-of-bounds learn flaw (CVE-2019-3972), and an out-of-bounds write flaw (CVE-2019-3973).
Patches But To Arrive
Tenable, upon discovering the vulnerabilities, disclosed the issues to Comodo in April this yr. Nonetheless, till the time of disclosure, the distributors couldn’t patch the issues.
Nonetheless, in an e-mail to Infosecurity, Comodo assured to roll-out the patches within the coming days.
There have been no reported incidents exploiting any of those vulnerabilities and no clients reporting associated points to us. The Comodo product staff has been working diligently to resolve all vulnerabilities and all fixes might be launched by Monday, July 29.
Therefore, Comodo customers should guarantee updating their gadgets as quickly because the fixes roll-out to remain protected.
Tell us your ideas within the feedback.