CVE-2022-34008
First published: Tue Jun 21 2022(Updated: )
Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Comodo Antivirus | =12.2.2.8012 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Comodo Antivirus flaw?
The vulnerability ID for this Comodo Antivirus flaw is CVE-2022-34008.
What is the severity of CVE-2022-34008?
The severity of CVE-2022-34008 is high, with a CVSS score of 7.8.
How does the privilege escalation occur in Comodo Antivirus 12.2.2.8012?
A low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder, allowing for privilege escalation.
Is the privilege escalation vulnerability specific to Comodo Antivirus 12.2.2.8012?
Yes, the privilege escalation vulnerability is specific to Comodo Antivirus version 12.2.2.8012.
How can I mitigate the privilege escalation vulnerability in Comodo Antivirus 12.2.2.8012?
To mitigate the vulnerability, it is recommended to update Comodo Antivirus to a fixed version provided by the vendor.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/comodo
- canonical/comodo antivirus
- version/comodo antivirus/12.2.2.8012