CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-3969

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Privilege Escalation due to CmdAgent's handling of COM clients. A local process can bypass the signature check enforced by CmdAgent via process hollowing which can then allow the process to invoke sensitive COM methods in CmdAgent such as writing to the registry with SYSTEM privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

https://www.tenable.com/security/research/tra-2019-34
https://www.tenable.com/security/research/tra-2019-34

Products affected by CVE-2019-3969

Comodo » Antivirus » Version: 1.0

cpe:2.3:a:comodo:antivirus:1.0
Comodo » Antivirus » Version: 11.0.0.6582

cpe:2.3:a:comodo:antivirus:11.0.0.6582
Comodo » Antivirus » Version: 12.0.0.6810

cpe:2.3:a:comodo:antivirus:12.0.0.6810
Comodo » Antivirus » Version: 2.2

cpe:2.3:a:comodo:antivirus:2.2
Comodo » Antivirus » Version: 8.1

cpe:2.3:a:comodo:antivirus:8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3969

Products

Pricing

Contact Us