Use-After-Free Vulnerability in Comodo Antivirus Sandboxing Mechanism
CVE-2019-14694

4.7MEDIUM

Key Information:

Vendor: Comodo
Status: Antivirus
Vendor: CVE Published:; 28 August 2019

What is CVE-2019-14694?

A use-after-free vulnerability in Comodo Antivirus occurs within the sandbox container managed by cmdguard.sys. This flaw can be exploited via a race condition during the processing of IRP_MJ_CLEANUP requests, particularly in the minifilter designed for directory change notifications. An attacker can leverage this issue to trigger a denial of service, potentially causing the system to crash (BSOD) when executing an application within the sandboxed environment.

References

http://rce4fun.blogspot.com/2019/08/comodo-antivirus-sand...

x_refsource_MISC

https://github.com/SouhailHammou/Exploits/blob/master/CVE...

x_refsource_MISC

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2019
Vulnerability Reserved
Aug 6, 2019