CVE-2019-3971

EUVD-2019-13578

17.07.2019, 21:15

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local Denial of Service affecting CmdVirth.exe via its LPC port "cmdvrtLPCServerPort". A low privileged local process can connect to this port and send an LPC_DATAGRAM, which triggers an Access Violation due to hardcoded NULLs used for Source parameter in a memcpy operation that is called for this handler. This results in CmdVirth.exe and its child svchost.exe instances to terminate.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 14%

Affected Products (NVD)

Vendor	Product	Version
comodo	antivirus	𝑥 ≤ 12.0.0.6810

𝑥

= Vulnerable software versions

Known Exploits!

https://www.tenable.com/security/research/tra-2019-34
https://www.tenable.com/security/research/tra-2019-34

References

https://www.tenable.com/security/research/tra-2019-34