{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-06-21T14:20:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://antivirus.comodo.com/"}, {"tags": ["x_refsource_MISC"], "url": "https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-34008", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://antivirus.comodo.com/", "refsource": "MISC", "url": "https://antivirus.comodo.com/"}, {"name": "https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8", "refsource": "MISC", "url": "https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T08:16:16.235Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://antivirus.comodo.com/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-34008", "datePublished": "2022-06-21T14:20:23", "dateReserved": "2022-06-19T00:00:00", "dateUpdated": "2024-08-03T08:16:16.235Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:comodo:antivirus:12.2.2.8012:*:*:*:*:*:*:*", "matchCriteriaId": "4C3A3651-D95A-45BA-B4A3-754B4E6F60DD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Comodo Antivirus 12.2.2.8012 has a quarantine flaw that allows privilege escalation. To escalate privilege, a low-privileged attacker can use an NTFS directory junction to restore a malicious DLL from quarantine into the System32 folder."}, {"lang": "es", "value": "Comodo Antivirus versi\u00f3n 12.2.2.8012, presenta un fallo de cuarentena que permite una escalada de privilegios. Para escalar privilegios, un atacante con pocos privilegios puede usar una uni\u00f3n de directorios NTFS para restaurar una DLL maliciosa de la cuarentena a la carpeta System32"}], "id": "CVE-2022-34008", "lastModified": "2024-11-21T07:08:46.157", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-21T15:15:09.407", "references": [{"source": "cve@mitre.org", "tags": ["Product", "Vendor Advisory"], "url": "https://antivirus.comodo.com/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product", "Vendor Advisory"], "url": "https://antivirus.comodo.com/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://r0h1rr1m.medium.com/comodo-antivirus-local-privilege-escalation-through-insecure-file-move-476a4601d9b8"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}