Privilege Escalation Vulnerability in Comodo Antivirus
CVE-2022-34008

7.8HIGH

Key Information:

Vendor: Comodo
Status: Antivirus
Vendor: CVE Published:; 21 June 2022

What is CVE-2022-34008?

Comodo Antivirus version 12.2.2.8012 contains a vulnerability that allows low-privileged attackers to exploit a flaw in the quarantine feature. By using an NTFS directory junction, an attacker can restore a malicious DLL file from quarantine into the System32 folder. This action opens the door for further attempts at privilege escalation, which can compromise the security of the system.

References

https://antivirus.comodo.com/

x_refsource_MISC

https://r0h1rr1m.medium.com/comodo-antivirus-local-privil...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 21, 2022
Vulnerability Reserved
Jun 19, 2022