CVE-2019-3970

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.

CVSS v3 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3 : MEDIUM

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://www.tenable.com/security/research/tra-2019-34	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:comodo:antivirus:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-07-17 21:15

Updated : 2024-02-04 20:20

NVD link : CVE-2019-3970

Mitre link : CVE-2019-3970

CVE.ORG link : CVE-2019-3970

JSON object : View

Products Affected

comodo

antivirus

CWE

CWE-668

Exposure of Resource to Wrong Sphere

{"id": "CVE-2019-3970", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-07-17T21:15:12.593", "references": [{"url": "https://www.tenable.com/security/research/tra-2019-34", "tags": ["Exploit", "Third Party Advisory"], "source": "vulnreport@tenable.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures."}, {"lang": "es", "value": "Comodo Antivirus versiones hasta la 12.0.0.6810 y anteriores, son vulnerables a la Escritura de Archivos Arbitraria debido a que el archivo Cavwp.exe maneja la base de datos del Antivirus de Comodo. Cavwp.exe carga la base de datos de definici\u00f3n del antivirus de Comodo en objetos de secci\u00f3n global no protegidos, lo que permite que un proceso local poco privilegiado modifique estos datos directamente y cambie las firmas de virus."}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:comodo:antivirus:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA5A70E5-7206-41FE-8EA1-4BD6E935E882", "versionEndIncluding": "12.0.0.6810"}], "operator": "OR"}]}], "sourceIdentifier": "vulnreport@tenable.com"}