CVE-2019-3969
First published: Wed Jul 17 2019(Updated: )
Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgent such as writing to the registry with SYSTEM privileges.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Comodo Antivirus | <=12.0.0.6810 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2019-3969?
CVE-2019-3969 has been assigned a medium severity rating due to its potential for local privilege escalation.
How do I fix CVE-2019-3969?
To fix CVE-2019-3969, upgrade to Comodo Antivirus version 12.0.0.6811 or later.
Who is affected by CVE-2019-3969?
CVE-2019-3969 affects all versions of Comodo Antivirus up to 12.0.0.6810.
What kind of attack does CVE-2019-3969 enable?
CVE-2019-3969 enables local privilege escalation attacks through process hollowing.
What is the impact of CVE-2019-3969?
The impact of CVE-2019-3969 is that it allows a local attacker to invoke sensitive methods within the CmdAgent.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/comodo
- canonical/comodo antivirus
- version/comodo antivirus/12.0.0.6810