Privilege Escalation Vulnerability in COMODO Backup Driver
CVE-2014-9633

Currently unrated

Key Information:

Vendor: Comodo
Status: Backup
Vendor: CVE Published:; 3 February 2015

What is CVE-2014-9633?

The bdisk.sys driver in older versions of COMODO Backup exhibits a vulnerability that allows remote attackers to escalate privileges. This flaw can be exploited through a crafted device handle, resulting in a NULL pointer dereference. As a consequence, unauthorized access and control may be granted to attackers, compromising the integrity and security of the affected system.

References

http://www.exploit-db.com/exploits/35905

exploitx_refsource_EXPLOIT-DB

http://packetstormsecurity.com/files/130094/Comodo-Backup...

x_refsource_MISC

http://forums.comodo.com/news-announcements-feedback-cb/c...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 3, 2015
Vulnerability Reserved
Jan 22, 2015