Internet Security Security Vulnerabilities and Issues — Internet Security CVE List

ComodoInternet Security

9 matches found

CVE•added 2024/07/29 9:18 p.m.•60 views

CVE-2024-7248

Comodo Internet Security Pro is affected by a Directory Traversal Local Privilege Escalation vulnerability in the update mechanism. The flaw arises from insufficient validation of a user-supplied path used in file operations, enabling a local attacker who can execute low-privileged code to escala...

7.8CVSS7.8AI score0.00476EPSS

CVE•added 2024/07/29 9:18 p.m.•59 views

CVE-2024-7250

CVE-2024-7250 : A local privilege escalation affecting Comodo Internet Security Pro. The flaw is in the cmdagent executable, where an attacker who can run low-privilege code can abuse a symbolic link to delete a file and escalate to SYSTEM, gaining arbitrary code execution. Public details across ...

7.8CVSS7.8AI score0.00319EPSS

CVE•added 2024/07/29 9:18 p.m.•55 views

CVE-2024-7251

CVE-2024-7251 affects Comodo Internet Security Pro via the cmdagent executable. The flaw allows a local attacker who can run low-privileged code to abuse a symbolic link to trigger file creation, escalating privileges to SYSTEM and potentially executing arbitrary code. The root cause is a link-fo...

7.8CVSS7.8AI score0.00319EPSS

CVE•added 2019/07/25 4:28 p.m.•49 views

CVE-2019-14270

CVE-2019-14270 affects Comodo Antivirus, Comodo Firewall, and Comodo Internet Security Premium up to version 12.0.0.6870, which use the Comodo Container feature and are vulnerable to a Sandbox Escape. Connected documents confirm the affected products and the sandbox-escape vector, but do not prov...

7.1CVSS6.9AI score0.00457EPSS

CVE•added 2024/07/29 9:18 p.m.•49 views

CVE-2024-7252

CVE-2024-7252 affects Comodo Internet Security Pro; the flaw is in the cmdagent executable. The vulnerability arises from an attacker-controlled symbolic link denial that enables local privilege escalation by abusing the cmdagent to delete a file, allowing code execution with SYSTEM privileges af...

7.8CVSS7.8AI score0.00319EPSS

CVE•added 2025/07/06 10:2 p.m.•34 views

CVE-2025-7096

CVE-2025-7096 affects Comodo Internet Security Premium 12.3.4.8162, targeting the Manifest File Handler’s cis_update_x64.xml. The issue involves improper validation of the file’s integrity check value, allowing remote initiation of the attack. Documented attack complexity is high and exploitation...

9.2CVSS8.2AI score0.00391EPSS

CVE•added 2025/07/06 10:32 p.m.•31 views

CVE-2025-7097

CVE-2025-7097 affects Comodo Internet Security Premium 12.3.4.8162. The vulnerability is in the Manifest File Handler’s cis_update_x64.xml processing, where manipulating the binary/params argument enables os command injection. Exploitation is network‑based and may be remote; attack complexity is ...

9.2CVSS8.4AI score0.04697EPSS

CVE•added 2025/07/06 9:32 p.m.•27 views

CVE-2025-7095

CVE-2025-7095 affects Comodo Internet Security Premium 12.3.4.8162, specifically the Update Handler component. The issue is an improper certificate validation vulnerability that enables remote initiation of an attack. Documents describe a high attack complexity and difficult exploitability, with ...

6.3CVSS4.2AI score0.00228EPSS

CVE•added 2025/07/06 11:2 p.m.•27 views

CVE-2025-7098

CVE-2025-7098 describes a path traversal vulnerability in Comodo Internet Security Premium 12.3.4.8162, impacting the File Name Handler component. The issue arises from manipulation of the name/folder argument, enabling path traversal and remote exploitation. The CVSS vectors in the provided sour...

8.8CVSS5.5AI score0.00593EPSS