Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder.
References
Link | Resource |
---|---|
https://antivirus.comodo.com/ | Product Vendor Advisory |
https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-06-21T14:20:23
Updated: 2022-06-21T14:20:23
Reserved: 2022-06-19T00:00:00
Link: CVE-2022-34008
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-21T15:15:09.407
Modified: 2023-08-08T14:22:24.967
Link: CVE-2022-34008
JSON object: View
Redhat Information
No data.
CWE