Researchers from Tenable have discovered numerous security vulnerabilities in Comodo Antivirus. For now, the users of this antivirus need to remain cautious as the vendors are yet to roll-out fixes.
Local Privilege Escalation Flaw
A key vulnerability affecting Comodo Antivirus relates to a local privilege escalation flaw in Cmdagent.exe file. As stated in Tenable’s advisory, the vulnerability could let an attacker bypass legitimate signing check. This allows the attacker to elevate local privileges.
A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgent such as writing to the registry with SYSTEM privileges.
Tenable marked this vulnerability CVE-2019-3969 as a high severity flaw that earned a CVSS v3.0 base score of 7.8.
The researcher David Wells, in a separate blog post, described this vulnerability as a sandbox as well as an LPE flaw. He also shared the proof of concept for the exploit alongside its demonstration in the following video.
Other Comodo Antivirus Bugs
Apart from the above vulnerability, Tenable also found four other bugs affecting the software. These include an arbitrary file write vulnerability (CVE-2019-3970), a denial of service bug (CVE-2019-3971), an out-of-bounds read flaw (CVE-2019-3972), and an out-of-bounds write flaw (CVE-2019-3973).
Patches Yet To Arrive
Tenable, upon discovering the vulnerabilities, disclosed the flaws to Comodo in April this year. Nonetheless, until the time of disclosure, the vendors couldn’t patch the flaws.
However, in an email to Infosecurity, Comodo assured to roll-out the patches in the coming days.
There have been no reported incidents exploiting any of these vulnerabilities and no customers reporting related issues to us. The Comodo product team has been working diligently to resolve all vulnerabilities and all fixes will be released by Monday, July 29.
Hence, Comodo users must ensure updating their devices as soon as the fixes roll-out to stay protected.
Let us know your thoughts in the comments.
Latest posts by Abeerah Hashim (see all)
- Heroku PaaS Service Found Hosting Numerous Magecart Skimmers - December 6, 2019
- Google Patched Multiple Critical Vulnerabilities In Android With December Update - December 6, 2019
- US Data Center Provider CyrusOne Suffered Ransomware Attack - December 5, 2019